mickzijdel
commented
2 years ago Maybe using Devise will make the transition earlier, since we already have Devise for our current auth?
Open AlexMohanMD opened 2 years ago
mickzijdel
commented
2 years ago Maybe using Devise will make the transition earlier, since we already have Devise for our current auth?
AlexMohanMD
commented
2 years ago We are using devise, these two gems just bolt onto it - have a look at the docs I linked
AlexMohanMD
commented
2 years ago added first design draft
This is a fairly big one, so I'm not expecting anything immediately but, hosting our own auth probably isn't great.
I'd propose to move to Azure b2c (which would remain accessible even if we lose our nonprofit rights) as an alternative
Strategy
OmniAuth with Devise: https://github.com/heartcombo/devise/wiki/OmniAuth:-Overview
OmniAuth Generic Oauth2 Gem https://github.com/palagend/omniauth-oauth2-generic yes there are plenty of azure specific gems, but generic oauth2 is better maintained and this fulfills all of our main requirements