Easy mobile device login for Rails apps

I read an article this morning on TechCrunch about an upcoming service that makes it easy for developers to add mobile logins to their web applications, and I thought I’d try something similar for a new project I’m working on.

If you use the Devise gem for managing logins for your Rails app, and you pass the :token_authenticatable to the devise method, then your users can log in with a link that includes an authentication token, bypassing the email/username and password login. With that in place, all you need to do is generate a QR code that encodes a link to your app with this authentication token included. Here’s how you can do that:

Following the instructions of the qr code gem, install the gem by adding gem 'rqrcode' to your Gemfile and running bundle install. Generating the code can be done in a HAML view like so:

- qr = RQRCode::QRCode.new(root_url(Devise.token_authentication_key => current_user.authentication_token), :size => 10, :level => :l)
  - qr.modules.each_index do |x|
      - qr.modules.each_index do |y|
        %td{ class: qr.dark?(x,y) ? 'black' : 'white' }/

This assumes that you have devise hooked into your User model, and the currently-logged in user is available to the view via the current_user method. Using the CSS from the rQRCode home page, this will display a QR code that can be scanned on a phone.

This will allow a user to log in to your app (using their laptop), scan the QR code on their phone, and then be logged in on their mobile browser. Easy. :)