Ruby On Rails User Profile

The login step explains how to log users in using the Lock widget and a gem called OmniAuth (and a specific Auth0 strategy for OmniAuth). In this step, you'll learn how to access the user profile data once the user has logged into the application.

Sample Project

Download a sample project specific to this tutorial configured with your Auth0 API Keys.

System Requirements
  • Ruby 2.3.1
  • Rails 5.0.0
Show requirements

The OmniAuth Auth Hash

Using Auth0's OmniAuth strategy, you only need to redirect users to /auth/oauth2 (which you did in Login). From there, OmniAuth will take over and take the user through the necessary steps to authenticate them with the Auth0 strategy.

After receiving a successful callback at /auth/oauth2/callback, OmniAuth provides the available user profile information via the request.env['omniauth.auth'] hash.

The full contents of the authentication hash retrieved by the Auth0 strategy are detailed here.

Add the Dependencies

Add the following dependencies to your Gemfile and run bundle install:

gem 'omniauth', '~> 1.3.1'
gem 'omniauth-auth0', '~> 1.4.2'

Retrieve the Auth Hash

In the login step, you configured the application for Lock to start the OmniAuth strategy, and for OmniAuth to take over and complete the authentication process. You also set a route that matches the callback URL in the application routes.

get "/auth/oauth2/callback" => "auth0#callback"

The callback action in the auth0 controller retrieves the auth hash and stores it in the application's session hash. It then redirects to the dashboard controller show action, which renders the dashboard view.

session[:userinfo] = request.env['omniauth.auth']

redirect_to '/dashboard'

Display the User Profile Data

The auth hash built by the OmniAuth Auth0 strategy has the user profile data under the info key. Each element is named according to the normalized user profile definition.

The auth hash also contains the full user profile under the raw key. The difference is that the normalized user profile data is pre-processed and guaranteed to be present, while as the full user profile data may vary depending on several factors, such as the user's identity provider and its linked profile, among others.

Add the following lines in the dashboard view in order to retrieve the user profile data:

<section class="jumbotron  text-center">
  <h2><img class="jumbo-thumbnail img-circle" src="<%= @user[:info][:image] %>"/></h2>
  <h1>Welcome, <%= @user[:info][:name] %></h1>
</section>
<section class="container">
  <div class="panel panel-default">
    <div class="panel-heading">Normalized User Profile</div>
    <div class="panel-body">
      <pre><%= JSON.pretty_generate(@user[:info]) %></pre>
    </div>
  </div>
  <div class="panel panel-default">
    <div class="panel-heading">Full User Profile</div>
    <div class="panel-body">
      <pre><%= JSON.pretty_generate(@user[:extra][:raw_info]) %></pre>
    </div>
  </div>
</section>

Additionally, declare and assign the contents to the user variable in the dashboard controller:

class DashboardController < ApplicationController
  include Secured
  def show
    @user = session[:userinfo]
  end
end
Previous Tutorial
4. Session Handling
Use Auth0 for FREECreate free Account