Devise with Omniauth for multiple models without STI

Hi i came here with a similar problem and i came across with this solution, maybe i will help the next one. In my case i have two devise models where i work with omniauth in different ways, my first model was an user who can sign in with normal devise sign up or with omniauth, the second one was an artist, who just can sign up with regular sing up form, but i still going to need omniauth for authenticate a value from twitter, the verified field(That little check on twitters profiles that means if a famous user is really that guy).

So when i came with i can't have two devise omniauthable models i just decide to use the same omniauth for both.

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def all
    if artist_signed_in? and session["devise.authorize"] == current_artist.email
      session["devise.authorize"] = nil
      if current_artist.artist_profile.update_from_omniauth(request.env["omniauth.auth"])
        if current_artist.artist_profile.verified
          flash[:notice] = "You were verified"
        else
          flash[:alert] = "Twitter go well but you aren't verified there"
        end
        redirect_to edit_artist_profile_path(current_artist.artist_profile)
      else
        flash[:error] = "We can't connect with #{request.env["omniauth.auth"].provider.titleize.split(" ").first}"
        redirect_to edit_artist_profile_path(current_artist.artist_profile)
      end
    elsif !user_signed_in?
      user = User.from_omniauth(request.env["omniauth.auth"])
      if user.persisted?
        flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => user.provider.titleize.split(" ").first
        user.user_profile.from_omniauth(request.env["omniauth.auth"])
        sign_in_and_redirect user, :event => :authentication
      else
        session["count_errors"] = 0 if session["devise.user_attributes"] == nil
        session["devise.user_attributes"] = user.attributes
        redirect_to new_user_registration_url
      end
    else
      flash[:notice] = "You are already log in #{current_user.email}"
      redirect_to root_path
    end
  end

  def after_omniauth_failure_path_for(scope)
    if artist_signed_in? and session["devise.authorize"] == current_artist.email
      session["devise.authorize"] = nil
      edit_artist_profile_path(current_artist.artist_profile)
    else
      super
    end
  end

  alias_method :twitter, :all
end

For the first case, the normal users, we have

elsif !user_signed_in?

it will do the normal process and everything is just like every guide, but for the second case(the verified field and the artist profiles) i send a little session with some random value

session["devise.authorize"]

and i call the link with a new route from my artist profile controller

<%= link_to "Verify with Twitter", artist_profiles_integrate_twitter_path %>

who loads the session and redirects to the user omniauth route

class ArtistProfilesController < ApplicationController
   ...
   def integrate_twitter
      session["devise.authorize"] = current_artist.email
      redirect_to user_omniauth_authorize_path(:twitter)
   end
 end

Then i defined a couple of methods in each classes for working with omniauth, the first creates the user(based on railscast episode "devise-omniauth-revised") and the second just update the field on my artist profile model, you should override after_omniauth_failure_path_for(scope), this just returns the path for failures on login, using the same technique you change the after error path(when fails to connect with twitter, for example, it will redirect to user sign up path, and the session will be around for a while) we can have normal behavior and clean the session in all cases with this.

Hope it helps, regards!


Currently, Devise's Omniauthable module does not work with multiple models. (https://github.com/plataformatec/devise/wiki/OmniAuth-with-multiple-models) In a nutshell you need to stop relying on devise to do its magic via "omniauthable" and do this by hand. It is not complicated and once you get first model to work over middelware then it's obvious how to extent for multiple models as it boils down to exactly same code with just different model name.

Steps needed:

  1. Remove omniauthable and devise omniauth setup from devise.rb and model used
  2. Include oauth as middelware(so you catch request before it hits Rails)
  3. Write manual routes - easy peasy
  4. Handle response - amlost the same code you have right now
  5. Handle failure scenario (rejected on oauth provider) - one more block in middelware setup

I solved similar problem and I have detailed explanation here: https://blog.kodius.io/2016/12/20/devise-omniauth-multiple-models/ Code for middleware oauth setup is here: https://github.com/kodius/oauth-example-multiple-models


Currently, Devise's Omniauthable module does not work with multiple models. No need to worry though, as the Omniauthable module is but a simple wrapper around OmniAuth.

https://github.com/plataformatec/devise/wiki/OmniAuth-with-multiple-models