Login via Omniauth in API

[Tripple-A]

Is there a way to implement login via omniauth on a Rails API app? The React FE handles the auth and redirect to google and gets back an idToken which is verifiable in the Rails app and used to determine the Google user (get their email, full name, etc).

How can one persist these users from and sign them in immediately after creation using rodauth seeing the app already uses rodauth-rails for authentication. A couple of scenarios:

• The normal users authenticate via email and password and so the users table has a password column. One can generate a fake password here to aid saving the entity, but it's impossible to sign the user in via rodauth.login(user). How can one approach this?
• Can rodauth-omniauth handle this? It doesn't seem to be very API friendly and no docs are available to that effect.
• Adding a new auth route for /google seemed only possible in rodauth_app.rb and responding to the request with a logged in user and jwt token is essential as we would for a normal login, but that seems inaccessible atm.

Thanks

[Tripple-A]

Fixed with this example -> https://github.com/mdodell/rodauth-linkedin-api

[janko]

The normal users authenticate via email and password and so the users table has a password column. One can generate a fake password here to aid saving the entity, but it's impossible to sign the user in via rodauth.login(user). How can one approach this?

You could use the callback route provided by rodauth-omniauth that automatically persists the account and logs the user in.

Alternatively, you could implement your own callback route, logging the user in as follows:

account = Account.create(...)
rodauth.account_from_id(account.id)
rodauth.login("password") # or `rodauth.login_session("password")` without redirect

With Rodauth, there is no need to create fake passwords, as passwords are optional by design.

Can rodauth-omniauth handle this? It doesn't seem to be very API friendly and no docs are available to that effect.

Quite the contrary, rodauth-omniauth has explicit JSON API support, supporting both cookie-based and JWT-based authentication – https://github.com/janko/rodauth-omniauth?tab=readme-ov-file#json.

Adding a new auth route for /google seemed only possible in rodauth_app.rb and responding to the request with a logged in user and jwt token is essential as we would for a normal login, but that seems inaccessible atm.

Not sure what the route should do exactly, but you should be able to define custom routes in Rails controllers, there is no need to define them in the Roda middleware.