Hello, I want to install OmniAuth with SoundCloud, which doesn't provide email addresses, like Twitter, and some cases of users in Facebook. Devise obliges the user to enter a email, so this is the problem. What is the best solution : This one where an intermediate model "Identity" is created to control this http://sourcey.com/rails-4-omniauth-using-devise-with-twitter-facebook-and-linkedin/
or this one, where the validation of the devise model is changed :
Thank you for your help !
By definition, a user who authenticates through a 3rd party (Twitter, Soundcloud...) doesn't provide an email/password to your app. It's the 3rd party that authenticates the user and shares its info about the user with your app (doesn't always include emails).
Actually, what is your question? What user story are you trying to solve for?
- If you don't want to manage any email, Devise can be customized to work with usernames instead of emails.
- If you want to always get emails, even when users authenticate through 3rd parties (Devise + Omniauth), you either don't use 3rd parties that don't share emails (e.g. LinkedIn, SoundCloud...) or ask users for their email in your app when necessary (newsletter subscription, purchase form...).
- If you want to collect and connect user identities from multiple 3rd parties, I would think twice! People usually choose one auth method and don't expect their personal info to be messed with in the background. No secure app should attempt to link multiple accounts or create accounts without the user's explicit action.
Thank you for your help ! I wanted to give the possibility to the users to share their mp3 files, via SoundCloud.
Actually, I prefer to keep the email as the parameter to identify. So, I decided to ask for a Soundcloud anthentification just when they upload their files. The soundclound link will be associated to a model, which will be associatied to the user. So, There is no more problem of email authentification (except when the user connects by facebook and doesn't share their emails, so I redirect them to my sign up form)