devise & facebook omniauth

I’ve got these two working together , but I’ve found out if you sign up initially with facebook - the devise password doesn’t exist. So I had no way of updating the profile, then I found this … How To: Allow users to edit their account without providing a password · heartcombo/devise Wiki · GitHub

and removed the confirmation to update the profile which worked, but did not update the devise password.

has anyone dealt with this and found a way around it?



When you authenticate with an OAuth provider, you don't get a local password. If you want to change the password, you have to do that at Facebook.


Ok, then I think I’m going to make a few small changes to the profile form and the login/sign up pages.

So you’re either registered locally or by facebook. I’ll check for a provider in the user table, and if that exists I’ll remove the password field (and maybe say that you account is registered using facebook - so they remember how they signed up.)

. And I guess if they have initially they can’t log in using facebook?



Sorry, I guess if they have logged in using devise locally initially they can’t log in using facebook?

You may want to look at OmniAuth for this: OmniAuth: Overview · heartcombo/devise Wiki · GitHub

You can sign in using any number of different strategies, including local authentication, if you set it up right.


I believe I set it up correctly? Take a look.

I don't have Facebook, so I can't try that angle, but you have both devise database_authenticatable and omniauth enabled in your User, right?


Yes, both are enabled.

So I guess that means you can only use one or the other?

You may be able to recover your password (since you don't have one to begin with) if you signed up with Facebook and then decide to move to local authentication. You could try that, if you have a Facebook account, try using the password recovery path to add a new password to your account.


Ok, I’ll try that. I had this crazy problem that I fixed before - if you created a profile using facebook you couldn’t update your profile because u didn’t have a local password. lol. I fixed that (not needing the password to update the record).

I fixed up my login and sign up pages.

I also fixed the invalid token error when login out, I believe. I added some login status to the profile page (basically where you’ve signed in from and removed the password field if you’ve used facebook to login).

Hopefully, people won’t get too confused.