OAuth / social login
Social login and OAuth account connection for umbral, layered on umbral-auth. Sign in with Google or GitHub, with provider tokens encrypted at rest.
OAuth / social login
umbral-oauth adds social login ("Sign in with Google") and account connection ("Connect GitHub") on top of umbral-auth. A social identity is a SocialAccount row linked to an AuthUser by foreign key — an extension of the user, never a replacement for the username — and provider tokens are stored in Masked columns, encrypted at rest.
rust
use umbral::prelude::*;use umbral_oauth::OAuthPlugin;use umbral_oauth::providers::{GoogleProvider, GitHubProvider}; let mut oauth = OAuthPlugin::new("https://example.com").login_redirect("/dashboard");if let Some(g) = GoogleProvider::from_env() { oauth = oauth.provider(g); }if let Some(gh) = GitHubProvider::from_env() { oauth = oauth.provider(gh); } App::builder().plugin(oauth).build()?;Info
This page is the plugin overview. For the full flow — provider environment variables, the login / connect / callback routes, linking several accounts to one user, and the templates — see the complete guide: OAuth / social login.
See also
- OAuth / social login — full guide
- Users and passwords
- Masked columns — how provider tokens are encrypted at rest.
oauthsocial-logingooglegithubauthplugin