Skip to content

Customizing authentication

Kavya Sukumar edited this page Mar 17, 2016 · 5 revisions

Autotune uses oAuth providers for authentication.

At Vox Media, we use Chorus as the authentication provider. However, it can be set up to use any provider like GitHub, Twitter or your organization's authentication system as long as it is oAuth compliant.

Before implementing new authorization providers, it is important to understand how Autotune authenticates and authorizes users.

oAuth in Autotune

Autotune uses omniauth to implement oAuth support. For more info on how to integrate new providers into Autotune, read the wiki.

Setting up your own provider

Adding your own authentication provider is easy with omniAuth.

Once your rails app is setup, the initializer for omniAuth can be found under /config/initializers/omniauth.rb.

The following code snippet, for instance, sets up gitHub as the auth provider for production, while keeping a developer authentication provider for other environments.

Rails.configuration.omniauth_preferred_provider = Rails.env.production? ? :github : :developer
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :developer unless Rails.env.production?
  provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET']
end

Modify this file as required to customize your providers.

Authorization is done via groups. More on customizing authorization is here.

Clone this wiki locally