Add it to your Gemfile
gem 'devise_oauth'
Mount engine in your routes.rb file
mount Devise::Oauth::Engine => '/oauth'
Define possible scopes in your application.rb
Devise::Oauth.scopes = [:read, :write]
Add strategies to your User model
class User < ActiveRecord::Base
devise :database_authenticatable,
#:registerable,
#:recoverable,
#:rememberable,
#:trackable,
#:omniauthable,
# OAuth provider
:access_token_authenticatable,
:client_ownable,
:resource_ownable
Create migration [TODO: write generator]
look at db/migrate/20120622164619_devise_create_oauth.rb
for now
if your app is accessed with access_token
then we set it as oauth_token
to current_user
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.oauth_token?
# has access_token, so we set access rights with scope
setup_client(user)
else
# normal user access rights setup
setup(user)
end
# See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
end
private
def setup_client(user)
if user.oauth_scope? :write
can :create, :protected_resource
end
end
def setup(user)
end
end
This project rocks and uses MIT-LICENSE.