I have recently used omniauth-google-oauth2 gem in one of my rails 5 application for authenticating users, and it is working fine. The application is intended for specific group of users, in my case students of a university. All users have a google account with email addresses ending with @ait.asia or @ait.ac.th.
Is it possible to restrict authentication to only above mentioned users. i.e. only users with email addresses ending with @ait.asia or @ait.ac.th?
You can pass a list of Google Apps hosted domains to the hd option when you are adding the OmniAuth middleware to your application.
So, in your case, you can make a initializer like this:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2,
ENV["GOOGLE_CLIENT_ID"],
ENV["GOOGLE_CLIENT_SECRET"],
hd: %w(ait.asia ait.ac.th)
You can see a complete list of the configuration options here