I have a Rails app that uses the omniauth-github gem. According to Github documentation, I can set the parameter allow_signup to false in the initial request, so that users can only log in to my app if they already have a Github account. This is my desired behavior.
The part I haven't been able to figure out is this: where exactly should I set this parameter? I have added it to the sign in link path ("auth/github?allow_signup=false"), but that doesn't work. Should this be in the provider :github line within config/initializers/omniauth.rb? How, exactly?
This is how I got it to work:
# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :github,
ENV['GITHUB_KEY'],
ENV['GITHUB_SECRET'],
{
client_options: {
authorize_url: 'https://github.com/login/oauth/authorize?allow_signup=false'
}
}
end
Apparently it also works with Devise, replacing provider with config.omniauth and placing this within config/initializers/devise.rb instead.