How to Integrate ‘devise’ and ‘omniauth-facebook’ Authentication To Your Rails App

Photo by Ben Sweet


As my coding partner and I are working on our final Rails project, I thought it was a great time to share how we integrated


authentication to our blog app. One way we know to authenticate users is by the use of ‘sessions and cookies’ which is great, but if we wanted our users to sign in with their existing facebook credentials, a third-party service like


is the coolest.

What is devise and omniauth-facebook

Devise is a ruby on rails gem which handles all user authentication features in your rails application in a very flexible manner.

Omniauth-facebook on the other hand enables user authentication (login/signup) using their existing facebook account.

In general the Omniauth-provider is a service which enables user authentication through 3rd-party services such as facebook, twitter, google, and so on.

Setting up devise and omniauth-facebook

Build a basic rails application

#create rails project
rails new my-rails-app — database=postgresql
#navigate to project directory
cd my-rails-app
#create database
run rails db:create
run rails db:migrate

Devise gem installation and setup

#generate the pages controller to handle the app home page
rails g controller Pages home
#open config/routes.rb
-set root route
root to: ‘pages#home’
#add devise gem to gemfile


gem ‘devise’
run bundle install
rails g devise:install
#set alerts and notices in application.html.erb
run rails g devise:views
run rails g devise User
run rails db:migrate

Omniauth-facebook setup

2. add ‘omniauth-facebook’ gem to your gemfile


gem ‘omniauth-facebook’

3. Update the User Table with the params needed

run rails g migration AddOmniauthToUsers provider:string uid:string name:string image:text
run rails db:migrate

4. Update initializer

# config/initializers/devise.rb

config.omniauth :facebook, “App ID”, “App Secret”,

5. Update the model

# app/models/user.rb

devise :omniauthable, :omniauth_providers => [:facebook]
verify your schema for the additional fields/columns


<% unless current_user %>
<%= link_to “Sign in with Facebook”, user_facebook_omniauth_authorize_path %>
<% else %>
<%= link_to “Logout”, destroy_user_session_path, method: :delete %>
<% end %>

# config/routes.rb

devise_for :users, :controllers => { :omniauth_callbacks => “users/omniauth_callbacks” }

6. Create a users directory

mkdir app/controllers/users

7. Create a users controller with the following omniauth methods

# app/controller/users/omniauth_callbacks_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook
@user = User.from_omniauth(request.env[“omniauth.auth”])
if @user.persisted?
sign_in_and_redirect @user, :event => :authentication
set_flash_message(:notice, :success, :kind => “Facebook”) if is_navigational_format?
session[“devise.facebook_data”] = request.env[“omniauth.auth”]
redirect_to new_user_registration_url
def failure
redirect_to root_path

8. Add custom methods to the User model

# app/models/user.rb

def self.new_with_session(params, session)
super.tap do |user|
if data = session[“devise.facebook_data”] && session[“devise.facebook_data”][“extra”][“raw_info”] = data[“email”] if
def self.from_omniauth(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |user| =
user.password = Devise.friendly_token[0,20] = # assuming the user model has a name
user.image = # assuming the user model has an image


read original article here