Ruby on Rails + Auth0 + Knock: User authentication through an external authentication service

What We are Going to Build

What Do We Need

Configuring an application in Auth0

Generating the Rails Project

Setting ENV Variables

AUTH0_AUDIENCE="https://[your-audience].auth0.com/api/v2/"
AUTH0_CLIENT_SECRET="[your-client-secret]"
AUTH0_RSA_DOMAIN="https://[your-domain]/.well-known/jwks.json"
AUTH0_CLIENT_ID="[your-client-id]"
AUTH0_DOMAIN="[your-domain]"

Starting With Knock

Creating Wrappers For Sign In And Sign Out Calls

> response = Auth0::Signup.perform('onebitauth@mail.com', '123')
=> #<HTTP::Response/1.1 200 OK {"Date"=>"Thu, 02 May 2019 01:08:56 GMT", "Content-Type"=>"application/json; charset=utf-8", "Content-Length"=>"87", "Connection"=>"close", "X-Auth0-Requestid"=>"7a13741ce42e6586c57a", "X-Ratelimit-Limit"=>"50", "X-Ratelimit-Remaining"=>"49", "X-Ratelimit-Reset"=>"1556759338", "Cache-Control"=>"private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0", "Strict-Transport-Security"=>"max-age=15724800", "X-Robots-Tag"=>"noindex, nofollow, nosnippet, noarchive"}>
2.6.3 :003 > response.to_s
=> "{\"_id\":\"5cca4328bf80c910f5e7be2c\",\"email_verified\":false,\"email\":\"onebitauth@mail.com\"}"
> User.create!(auth0_uid: 'auth0|5cca4328bf80c910f5e7be2c', email: 'onebitauth@mail.com')
> response = Auth0::Signin.perform('onebitauth@mail.com', '123')
=> #<HTTP::Response/1.1 200 OK {"Date"=>"Thu, 02 May 2019 01:13:20 GMT", "Content-Type"=>"application/json", "Content-Length"=>"2533", "Connection"=>"close", "X-Auth0-Requestid"=>"f83e1823d05513008635", "X-Ratelimit-Limit"=>"100", "X-Ratelimit-Remaining"=>"99", "X-Ratelimit-Reset"=>"1556760465", "Cache-Control"=>"private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0", "Pragma"=>"no-cache", "Strict-Transport-Security"=>"max-age=15724800", "X-Robots-Tag"=>"noindex, nofollow, nosnippet, noarchive"}>
2.6.3 :005 > response.to_s
=> "{\"access_token\":\"Bn4f9oWN1eBw\",\"id_token\":\"cHe3Fvsg\",\"scope\":\"openid profile email address phone read:current_user update:current_user_metadata delete:current_user_metadata create:current_user_metadata create:current_user_device_credentials delete:current_user_device_credentials update:current_user_identities\",\"expires_in\":86400,\"token_type\":\"Bearer\"}"

Changing Knock Implementation

Authentication in Rails API

$ curl http://localhost:3000/index
> Auth0::Signin.new('onebitauth@mail.com', '123')
$ curl -H 'Accept: application/json' -H "Authorization: Bearer [your-access-token]" http://localhost:3000/index
User onebitauth@mail.com is logged in.

Extra Tip: Debugging Errors inside Knock

Conclusion
