stefanray/auth0-test-flow

Auth0 Test Flow

A simple Ruby on Rails application demonstrating Auth0 SSO integration using OmniAuth.

Features

  • Auth0 Universal Login integration
  • Session-based authentication
  • User model with Auth0 profile data
  • Protected routes example
  • Bootstrap 5 UI

Requirements

  • Ruby 3.3.5
  • Rails 7.0
  • Node.js (for asset compilation)
  • Auth0 account

Setup

1. Clone and install dependencies

git clone <repository-url>
cd auth0-test-flow
bundle install
npm install

2. Configure Auth0

  1. Create an Auth0 account at https://auth0.com
  2. Create a new Application (Regular Web Application)
  3. In your application settings, configure:
    • Allowed Callback URLs: http://localhost:3000/auth/auth0/callback
    • Allowed Logout URLs: http://localhost:3000
    • Allowed Web Origins: http://localhost:3000

3. Set environment variables

Copy the example env file and fill in your Auth0 credentials:

cp .env.example .env

Edit .env with your Auth0 values:

AUTH0_CLIENT_ID=your_client_id
AUTH0_CLIENT_SECRET=your_client_secret
AUTH0_DOMAIN=your-tenant.auth0.com

4. Setup database

bin/rails db:migrate

5. Run the application

bin/dev

Or without foreman:

bin/rails server

Visit http://localhost:3000

How It Works

Authentication Flow

  1. User clicks "Login with Auth0"
  2. User is redirected to Auth0's Universal Login page
  3. After authentication, Auth0 redirects back to /auth/auth0/callback
  4. The callback creates/finds the user and sets the session
  5. User is redirected to the home page, now logged in

Key Files

  • config/initializers/auth0.rb - OmniAuth Auth0 configuration
  • app/controllers/auth0_controller.rb - Handles Auth0 callbacks and logout
  • app/controllers/application_controller.rb - current_user and logged_in? helpers
  • app/models/user.rb - User model with from_omniauth method
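
Step 4 of the flow and the from_omniauth method, as an added plain-Ruby sketch (not this repository's code): it keys users on the auth hash's provider and uid rather than on email, rejects a hash without a uid, and clears the pre-login session before storing the user id. Assumptions: the USERS array stands in for the users table, the session is a plain Hash, the auth hash is a string-keyed Hash, and complete_login and InvalidAuthHash are hypothetical names.

```ruby
# Added sketch, not the repository's code. USERS stands in for the users table.
User = Struct.new(:id, :provider, :uid, :email, :name)
USERS = []

class InvalidAuthHash < StandardError; end

# Find or create a user from an OmniAuth auth hash.
# Identity is the (provider, uid) pair; email is profile data, never a lookup key.
def from_omniauth(auth)
  provider = auth["provider"].to_s
  uid = auth["uid"].to_s
  raise InvalidAuthHash, "missing provider or uid" if provider.empty? || uid.empty?

  user = USERS.find { |u| u.provider == provider && u.uid == uid }
  unless user
    user = User.new(USERS.size + 1, provider, uid)
    USERS << user
  end
  info = auth["info"] || {}
  user.email = info["email"]
  user.name = info["name"]
  user
end

# Step 4 of the flow: discard whatever the pre-login session held, then store
# only the user id (in a Rails controller, reset_session plays this role).
def complete_login(session, auth)
  user = from_omniauth(auth)
  session.clear
  session[:user_id] = user.id
  user
end

# Resolve the logged-in user from the session; nil means "not logged in".
def current_user(session)
  USERS.find { |u| u.id == session[:user_id] }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed auth hashes: same email, different Auth0 identities.
  a = { "provider" => "auth0", "uid" => "auth0|constructed-1",
        "info" => { "email" => "same@example.test", "name" => "A" } }
  b = a.merge("uid" => "google-oauth2|constructed-2")
  session = { return_to: "/stale" }
  complete_login(session, a)
  puts session.inspect
  puts from_omniauth(b).id != current_user(session).id
end
```

Two identities that share an email address stay separate accounts, so a login through a second connection cannot land in the first user's session.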

Protecting Routes

To require authentication for a controller action:

class SecretController < ApplicationController
  before_action :require_login

  def index
    # Only accessible to logged-in users
  end
end

License

MIT
