TIL: How to use OmniAuth with Passwordless

Using OmniAuth with Devise is popular and widely used. However, OmniAuth can also be used standalone with other authentication solutions, such as Passwordless.

Add the gem to your Gemfile, including the extra providers you want to support:

gem 'omniauth'
gem 'omniauth-rails_csrf_protection'

Add the routes needed for OmniAuth to handle the callbacks and failures that might occur:

get 'auth/:provider/callback', to: 'omni_auth#create'
get 'auth/failture', to: 'omni_auth#failure'

Create the OmniAuthController, which handles authentication with Passwordless when a callback is returned:

# frozen_string_literal: true

class OmniAuthController < ApplicationController
  include Passwordless::ControllerHelpers

  def create
    user = User.from_omni_auth(request.env['omniauth.auth'])

    return redirect_to users_sign_in_path, notice: 'Failed to sign in!' unless user

    sign_in(create_passwordless_session(user))

    redirect_to Passwordless.config.success_redirect_path, status: :see_other
  end

  def failure
    redirect_to users_sign_in_path, notice: 'Failed to sign in!'
  end
end

This controller assumes that the User needs to exist, and if it doesn’t, it will fail the login.

The last thing is to add the method to the User model that will return the User to sign in:

# frozen_string_literal: true

class User < ApplicationRecord
  passwordless_with :email

  def self.from_omni_auth(auth)
    find_by(email: auth.info.email)
  end

end

Voila!