2

I am using omni-auth so that user can authenticate using both Facebook or/and Linkedin.

Now some users would use the same email id for db,lnkd registration. My user table enforces that the email should be unique for a user.

So if an already registered user through one social network could not login through other social network

I am using Rails with devise and omni-auth gems.

Now with omni-auth and social logins: 1] There is no unique attribute for a user (email could be multiple etc) 2] There is no way of determining same user with fb and linkedin logins are actually the same user.

Rails, In general loads a lot of user data into user object so it might be tricky to work with gems if user is not actually a user model.

1] How do I create a user table without a single unique element ?

2] How are the sites like Quora, Airbnb etc handling this ?

3] Seems like a very common problem. Any gems I can look at ?

Thanks!

codeObserver
  • 6,521
  • 16
  • 76
  • 121

2 Answers2

3

If you know you will not use any other omniauth-* gems, you could change your user table to include the fields facebook_uid and linkedin_uid. Otherwise, you should create a generic authentications table with the fields user_id, provider and uid. You would then change your user model to have a has_many :authentications relationship.

These Railscasts should help you:

But be aware of the security implications of merging accounts/giving access to same account using different providers. See here for more information.

Community
  • 1
  • 1
Ashitaka
  • 19,028
  • 6
  • 54
  • 69
  • Thanks @Ashitaka , I like the approach of having a separate authentications table. I was using devise already and it requires to have class OmniauthCallbacksController < Devise::OmniauthCallbacksController .. while the tutorial mentions to use class AuthenticationsController < ApplicationController .. Any suggestion on how this should be structured while using devise ? – codeObserver Dec 09 '13 at 00:49
  • Just keep using `OmniauthCallbacksController < Devise::OmniauthCallbacksController`. – Ashitaka Dec 09 '13 at 10:35
0

You can use:

validates :email, :uniqueness => {:scope => :provider}

There is no need of redesigning the schema and I'm not aware of any issue.

To replace the Devise email index you can do:

add_index "users", ["email", "provider"], :name => "index_users_on_email_provider", :unique => true
CV-Gate
  • 1,162
  • 1
  • 10
  • 19
  • Thanks @CV-Gate for the update. So for a given users, its possible that there would be more than one entries in the User table ? (one per provider) ? This would not be normalized ? – codeObserver Dec 08 '13 at 18:40