thombruce
commented
1 year ago I believe this is going to require a Google client ID and secret, which in production should be configured directly in the environment variables on the instance.
During development, developers will still have to provide their own values. Should recommend an approach like a .env or .envrc file (ignored by git) and whatever tool/gem is available to load these into the environment during development and testing runs.
Sine the main target of our application is to affect video records on YouTube via the YouTube API, it makes sense to enable a Google-based oauth strategy for signup and sign-in. We'll ultimately need users to authenticate with Google in either case.
See here for a setup guide re Devise+Omniauth: https://github.com/heartcombo/devise/wiki/OmniAuth:-Overview