[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-7669":3},{"id":4,"name":5,"fullName":6,"owner":5,"repo":5,"description":7,"homepage":8,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":16,"stars30d":17,"stars90d":15,"forks30d":15,"starsTrendScore":16,"compositeScore":18,"rankGlobal":9,"rankLanguage":9,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":22,"hasPages":22,"topics":23,"createdAt":9,"pushedAt":9,"updatedAt":27,"readmeContent":28,"aiSummary":29,"trendingCount":15,"starSnapshotCount":15,"syncStatus":30,"lastSyncTime":31,"discoverSource":32},7669,"omniauth","omniauth\u002Fomniauth","OmniAuth is a flexible authentication system utilizing Rack middleware.","",null,"Ruby",8080,974,118,83,0,1,16,39.97,"MIT License",false,"master",true,[24,25,5,26],"authentication","hacktoberfest","ruby","2026-06-12 02:01:42","# OmniAuth: Standardized Multi-Provider Authentication\n\n[![Gem Version](http:\u002F\u002Fimg.shields.io\u002Fgem\u002Fv\u002Fomniauth.svg)][gem]\n[![Ruby](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Fmain.yml\u002Fbadge.svg)][githubactions]\n[![TruffleRuby](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Ftruffle_ruby.yml\u002Fbadge.svg)][githubactionstruffle]\n[![JRuby](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Fjruby.yml\u002Fbadge.svg)][githubactionsjruby]\n[![Code Climate](https:\u002F\u002Fapi.codeclimate.com\u002Fv1\u002Fbadges\u002Fffd33970723587806744\u002Fmaintainability)][codeclimate]\n[![Coverage Status](http:\u002F\u002Fimg.shields.io\u002Fcoveralls\u002Fomniauth\u002Fomniauth.svg)][coveralls]\n\n[gem]: https:\u002F\u002Frubygems.org\u002Fgems\u002Fomniauth\n[githubactions]: https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Fmain.yml\n[githubactionstruffle]: https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Ftruffle_ruby.yml\n[githubactionsjruby]: https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Factions\u002Fworkflows\u002Fjruby.yml\n[codeclimate]: https:\u002F\u002Fcodeclimate.com\u002Fgithub\u002Fomniauth\u002Fomniauth\n[coveralls]: https:\u002F\u002Fcoveralls.io\u002Fr\u002Fomniauth\u002Fomniauth\n\nThis is the documentation for the in-development branch of OmniAuth.\nYou can find the documentation for the latest stable release [here](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Ftree\u002Fv2.1.4)\n\n## An Introduction\nOmniAuth is a library that standardizes multi-provider authentication for\nweb applications. It was created to be powerful, flexible, and do as\nlittle as possible. Any developer can create **strategies** for OmniAuth\nthat can authenticate users via disparate systems. OmniAuth strategies\nhave been created for everything from Facebook to LDAP.\n\nIn order to use OmniAuth in your applications, you will need to leverage\none or more strategies. These strategies are generally released\nindividually as RubyGems, and you can see a [community maintained list](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Fwiki\u002FList-of-Strategies)\non the wiki for this project.\n\nOne strategy, called `Developer`, is included with OmniAuth and provides\na completely insecure, non-production-usable strategy that directly\nprompts a user for authentication information and then passes it\nstraight through. You can use it as a placeholder when you start\ndevelopment and easily swap in other strategies later.\n\n## Getting Started\nEach OmniAuth strategy is a Rack Middleware. That means that you can use\nit the same way that you use any other Rack middleware. For example, to\nuse the built-in Developer strategy in a Sinatra application you might\ndo this:\n\n```ruby\nrequire 'sinatra'\nrequire 'omniauth'\n\nclass MyApplication \u003C Sinatra::Base\n  use Rack::Session::Cookie\n  use OmniAuth::Strategies::Developer\nend\n```\n\nBecause OmniAuth is built for *multi-provider* authentication, you may\nwant to leave room to run multiple strategies. For this, the built-in\n`OmniAuth::Builder` class gives you an easy way to specify multiple\nstrategies. Note that there is **no difference** between the following\ncode and using each strategy individually as middleware. This is an\nexample that you might put into a Rails initializer at\n`config\u002Finitializers\u002Fomniauth.rb`:\n\n```ruby\nRails.application.config.middleware.use OmniAuth::Builder do\n  provider :developer unless Rails.env.production?\n  provider :twitter, ENV['TWITTER_KEY'], ENV['TWITTER_SECRET']\nend\n```\n\nYou should look to the documentation for each provider you use for\nspecific initialization requirements.\n\n## Integrating OmniAuth Into Your Application\nOmniAuth is an extremely low-touch library. It is designed to be a\nblack box that you can send your application's users into when you need\nauthentication and then get information back. OmniAuth was intentionally\nbuilt not to automatically associate with a User model or make\nassumptions about how many authentication methods you might want to use\nor what you might want to do with the data once a user has\nauthenticated. This makes OmniAuth incredibly flexible. To use OmniAuth,\nyou need only to redirect users to `\u002Fauth\u002F:provider`, where `:provider`\nis the name of the strategy (for example, `developer` or `twitter`).\nFrom there, OmniAuth will take over and take the user through the\nnecessary steps to authenticate them with the chosen strategy.\n\nOnce the user has authenticated, what do you do next? OmniAuth simply\nsets a special hash called the Authentication Hash on the Rack\nenvironment of a request to `\u002Fauth\u002F:provider\u002Fcallback`. This hash\ncontains as much information about the user as OmniAuth was able to\nglean from the utilized strategy. You should set up an endpoint in your\napplication that matches to the callback URL and then performs whatever\nsteps are necessary for your application. \n\nThe `omniauth.auth` key in the environment hash provides an\nAuthentication Hash which will contain information about the just\nauthenticated user including a unique id, the strategy they just used\nfor authentication, and personal details such as name and email address\nas available. For an in-depth description of what the authentication\nhash might contain, see the [Auth Hash Schema wiki page](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Fwiki\u002FAuth-Hash-Schema).\n\nNote that OmniAuth does not perform any actions beyond setting some\nenvironment information on the callback request. It is entirely up to\nyou how you want to implement the particulars of your application's\nauthentication flow.\n\n## rack_csrf\n\n`omniauth` is not OOTB-compatible with [rack_csrf](https:\u002F\u002Fgithub.com\u002Fbaldowl\u002Frack_csrf). In order to do so, the following code needs to be added to the application bootstrapping code:\n\n```ruby\nOmniAuth::AuthenticityTokenProtection.default_options(key: \"csrf.token\", authenticity_param: \"_csrf\")\n```\n\n## Rails (without Devise)\nTo get started, add the following gems\n\n**Gemfile**:\n```ruby\ngem 'omniauth'\ngem \"omniauth-rails_csrf_protection\"\n```\n\nThen insert OmniAuth as a middleware\n\n**config\u002Finitializers\u002Fomniauth.rb**:\n```ruby\nRails.application.config.middleware.use OmniAuth::Builder do\n  provider :developer if Rails.env.development?\nend\n```\n\nAdditional providers can be added here in the future. Next we wire it\nall up using routes, a controller and a login view.\n\n**config\u002Froutes.rb**:\n\n```ruby\n  get 'auth\u002F:provider\u002Fcallback', to: 'sessions#create'\n  get '\u002Flogin', to: 'sessions#new'\n```\n\n**app\u002Fcontrollers\u002Fsessions_controller.rb**:\n```ruby\nclass SessionsController \u003C ApplicationController\n  def new\n    render :new\n  end\n\n  def create\n    user_info = request.env['omniauth.auth']\n    raise user_info # Your own session management should be placed here.\n  end\nend\n```\n\n**app\u002Fviews\u002Fsessions\u002Fnew.html.erb**:\n```erb\n\u003C%= form_tag('\u002Fauth\u002Fdeveloper', method: 'post', data: {turbo: false}) do %>\n  \u003Cbutton type='submit'>Login with Developer\u003C\u002Fbutton>\n\u003C% end %>\n```\n\nNow if you visit `\u002Flogin` and click the Login button, you should see the\nOmniAuth developer login screen. After submitting it, you are returned to your\napplication at `Sessions#create`. The raise should now display all the Omniauth\ndetails you have available to integrate it into your own user management.\n\nIf you want out of the box usermanagement, you should consider using Omniauth\nthrough Devise. Please visit the [Devise Github page](https:\u002F\u002Fgithub.com\u002Fheartcombo\u002Fdevise#omniauth)\nfor more information.\n\n\n## Rails API\nThe following middleware are (by default) included for session management in\nRails applications. When using OmniAuth with a Rails API, you'll need to add\none of these required middleware back in:\n\n- `ActionDispatch::Session::CacheStore`\n- `ActionDispatch::Session::CookieStore`\n- `ActionDispatch::Session::MemCacheStore`\n\nThe trick to adding these back in is that, by default, they are passed\n`session_options` when added (including the session key), so you can't just add\na `session_store.rb` initializer, add `use ActionDispatch::Session::CookieStore`\nand have sessions functioning as normal.\n\nTo be clear: sessions may work, but your session options will be ignored\n(i.e. the session key will default to `_session_id`).  Instead of the\ninitializer, you'll have to set the relevant options somewhere\nbefore your middleware is built (like `application.rb`) and pass them to your\npreferred middleware, like this:\n\n**application.rb:**\n\n```ruby\nconfig.session_store :cookie_store, key: '_interslice_session'\nconfig.middleware.use ActionDispatch::Cookies # Required for all session management\nconfig.middleware.use ActionDispatch::Session::CookieStore, config.session_options\n```\n\n(Thanks @mltsy)\n\n## Logging\nOmniAuth supports a configurable logger. By default, OmniAuth will log\nto `STDOUT` but you can configure this using `OmniAuth.config.logger`:\n\n```ruby\n# Rails application example\nOmniAuth.config.logger = Rails.logger\n```\n\n## Origin Param\nThe `origin` url parameter is typically used to inform where a user came from\nand where, should you choose to use it, they'd want to return to.\nOmniauth supports the following settings which can be configured on a provider level:\n\n**Default**:\n```ruby\nprovider :twitter, ENV['KEY'], ENV['SECRET']\nPOST \u002Fauth\u002Ftwitter\u002F?origin=[URL]\n# If the `origin` parameter is blank, `omniauth.origin` is set to HTTP_REFERER\n```\n\n**Using a differently named origin parameter**:\n```ruby\nprovider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: 'return_to'\nPOST \u002Fauth\u002Ftwitter\u002F?return_to=[URL]\n# If the `return_to` parameter is blank, `omniauth.origin` is set to HTTP_REFERER\n```\n\n**Disabled**:\n```ruby\nprovider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: false\nPOST \u002Fauth\u002Ftwitter\n# This means the origin should be handled by your own application. \n# Note that `omniauth.origin` will always be blank.\n```\n\n## Resources\nThe [OmniAuth Wiki](https:\u002F\u002Fgithub.com\u002Fomniauth\u002Fomniauth\u002Fwiki) has\nactively maintained in-depth documentation for OmniAuth. It should be\nyour first stop if you are wondering about a more in-depth look at\nOmniAuth, how it works, and how to use it.\n\n## OmniAuth for Enterprise\n\nAvailable as part of the Tidelift Subscription.\n\nThe maintainers of OmniAuth and thousands of other packages are working with\nTidelift to deliver commercial support and maintenance for the open source\npackages you use to build your applications. Save time, reduce risk, and\nimprove code health, while paying the maintainers of the exact packages you use.\n[Learn more.](https:\u002F\u002Ftidelift.com\u002Fsubscription\u002Fpkg\u002Frubygems-omniauth?utm_source=undefined&utm_medium=referral&utm_campaign=enterprise&utm_term=repo)\n\n## Supported Ruby Versions\nOmniAuth is tested under 2.5, 2.6, 2.7, 3.0, 3.1, 3.2, truffleruby, and JRuby.\n\n## Versioning\nThis library aims to adhere to [Semantic Versioning 2.0.0][semver]. Violations\nof this scheme should be reported as bugs. Specifically, if a minor or patch\nversion is released that breaks backward compatibility, that version should be\nimmediately yanked and\u002For a new version should be immediately released that\nrestores compatibility. Breaking changes to the public API will only be\nintroduced with new major versions. As a result of this policy, you can (and\nshould) specify a dependency on this gem using the [Pessimistic Version\nConstraint][pvc] with two digits of precision. For example:\n\n    spec.add_dependency 'omniauth', '~> 1.0'\n\n[semver]: http:\u002F\u002Fsemver.org\u002F\n[pvc]: http:\u002F\u002Fguides.rubygems.org\u002Fpatterns\u002F#pessimistic-version-constraint\n\n## License\nCopyright (c) 2010-2017 Michael Bleigh and Intridea, Inc. See [LICENSE][] for\ndetails.\n\n[license]: LICENSE.md\n","OmniAuth 是一个基于 Rack 中间件的灵活认证系统，用于实现多提供商认证。其核心功能包括通过策略（strategies）支持多种认证方式，如Facebook、LDAP等，并且可以轻松地添加新的认证策略。技术上，OmniAuth 采用Ruby语言开发，具有良好的扩展性和兼容性，能够与Sinatra等Web框架无缝集成。适用于需要提供多种登录选项给用户的Web应用开发场景，特别适合希望快速集成社交账号或其他第三方服务作为登录手段的应用。",2,"2026-06-11 03:13:42","top_language"]