Ruby in Rails – Redirect to Login

Question

Ruby in Rails – Redirect to Login

smingins-nzpost opened this issue 4 years ago · comments

Hi

I have been following the tutorial for using Auth0 with Rails here https://auth0.com/docs/quickstart/webapp/rails/01-login

The issue I have is that most Rails applications (and ours is one of them) , if I hit a URL that needs a login, it will redirect me to the login screen, and then upon successful authentication continue on it’s merry journey.

I haven’t found anything in the documentation about how to do that redirect?

I have had to construct a URL myself … that seems to work … but it’s been a bit of trial and error and I would have thought that there was a better Rails way.

state = SecureRandom.hex
session['omniauth.state'] =  state
callback_url = auth_auth0_callback_url
url = "https://#{ApplicationConfig::Auth0::DOMAIN}/authorize?response_type=code&client_id=#{ApplicationConfig::Auth0::CLIENT_ID}&redirect_uri=#{callback_url}&state=#{state}&scope=openid profile email"

So is there a better way of doing this?

Cheers
Shane

stale · Answer 1 · Thu Dec 10 2020 14:35:07 GMT+0800 (China Standard Time)

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️

smingins-nzpost · Answer 2 · Thu Dec 10 2020 14:50:45 GMT+0800 (China Standard Time)

No response???

Andrew Porter · Answer 3 · Sat Jan 02 2021 08:33:00 GMT+0800 (China Standard Time)

Any update on this, fellas?

David Patrick · Answer 4 · Thu Jan 07 2021 04:02:25 GMT+0800 (China Standard Time)

Hey @smingins-nzpost sorry for the delay on this. I am exploring some options for providing better guidance on this. I hope to give you some guidance here by next week.

David Patrick · Answer 5 · Wed Jan 20 2021 06:23:24 GMT+0800 (China Standard Time)

Hey all, when re reading this question, I'm not entirely clear if the question is about:

Redirecting a user to the previous page after login
Setting up a non-interactive redirect to login for protected routes.

I will answer both questions just in case.

This can be handled by setting the URL they came from in your session, and then retrieving that in the callback method.
This can be resolved by redirecting the user to a non-interactive POST page that would silently handle the POST authentication submit for the user. You can see this described here https://auth0.com/docs/videos/learn-identity-series/web-sign-in#wistia_k4rwcky3p5?time=895

I am working on adding question #2 to the sample and quickstart.