I got two models that have a login. Company and User. What I wish to accomplish is to have one shared login on the front page that logs you in, not one for Company and one for User.
I am also assuming I need to create certain parameters between those models. Such as check the uniqueness of the email you register with. To avoid a person registering on both models, and when logging in on the shared login it gets an error.
My train of though is that I either need to make the login check two tables. Or somehow merge email and password from both models into a new table, that also shows which model the email and password they are logging in with belongs to. That's my thought process so far.
However I have no clue where to start, or what the best practice is for this.
You should implement STI (Single Table Inheritance). Just google it, there is a lot of examples.
Related
I'm fairly new to rails. I'm having problem on designing the model classes. So this app will be used by 5 different users(Students, Teachers, Head and Coordinator). They each are different users to login into the website and have different functionality (example: Head makes an event. Students register for an event. Coordinator sets who can be head etc). I have created all four models with USERNAME and PASSWORD on each models.I don't have user model right now because the users in this app are these 4 models. Now, while making login page, i'm having hard time on implementing the best way to authenticate the users. For example, If a Head puts its login credentials, the app should identify that user that logged in is Head. What approach will be best to encounter this?
Also, after not figuring out the way to approach this. I was thinking of using devise and CanCanCan gem. But the same promblem comes in even if i use this gems.(i maybe wrong)
Do not create multiple models for different kinds of users. This is almost always not what you want. Instead add a column called role of the type enum which contains all of the kinds of roles you want to add like Sergio pointed out. Your comment about having too many attributes on one model is a non issue compared to the one you are planning to create with 5 user models.
It sounds like you are possible putting too much data on the user model if that is your concern
and have different functionality (example: Head makes an event. Students register for an event.
For this you want a permissions system such as cancancan where you can specify which features of the website each role has access to.
If I want to build a Rails app that has two different types of users, let's say one type is called players and the other one is owners, what is the best and most efficient approach to modeling the app?
Things to take into account:
There should only be one Login, but different Registration forms that Owners/Players can use.
Owners can have access to a control panel but Players cannot.
Owners cannot share any of Players capabilities, but both need to be able to perform Login/Registration.
I am not using Devise, so please do not suggest it.
Different Approaches I've considered:
Using cancancan gem, but it does not really seem to meet my needs in the sense that I am not looking to create a user/admin hierarchical approach but rather a if you're a Player, then you can see these pages and perform these actions but Owners cannot and vice versa. Almost like splitting the app in two. cancancan seems that it would treat Owners as "Players with extra privileges", not different privileges entirely.
Creating separate models with separate login and registration forms, which seems like a disaster waiting to happen. One small mixup between a Players table and the Owners table, especially with the primary keys, and that will be a world of trouble where people could end up logging in to the wrong accounts.
Creating a polymorphic or has_one relation toward an Account model, which so far, seems like the best way to probably go about it. If I created a polymorphic Account model, I can store different types of Players/Owners, but how could I compare login credentials against all types?
I had been trying to find something on this matter regarding how to map this out and was surprised to not find an information on how to do this without using Devise. If anyone has any good links they can point me to that also address this matter (without Devise), please leave them in your answer! Thanks.
I'd suggest one User class with a type attribute that determines whether the user is a Player or an Owner (single table inheritance). This way you keep the registration logic in one place but can customize the forms depending on the user's class.
There must be alternatives to cancancan that help with what you want to do, or you can implement helpers yourself:
def can_access_control_panel?
current_user.is_a?(Owner)
end
You have to have a way to separate one user from another. One way is to add an attribute to the User table so you can call current_user.role and it will return "owner" or return "player".
I have used Pundit gem in the past. It lets you define which controller actions the current user is allowed to access. So as you create resources for your application, you can add a policy that specifies who is allowed to that given resource. This is the repo to the application.
This answer might help you.
I am trying a weird thing in devise. Here I have got two types of login.
1) Default devise login using username and password.
2) Login with user id and password.
The password (password2) in second step is different from that (password1) in first step.
I want to login through both using same interface, i.e. there will be one login page where you need to enter email or user id and corresponding password (password1 or password2 respectively).
Is it possible to do the same in devise?
Thanks
Paritosh
Allowing multiple user identifiers is discussed on the Devise wiki which I have linked here.
Update: However, as I now understand, you want two separate sets of credentials (userid/pw1, and email/pw2) for some reason.
I think the answer to your question is that "while it's possible to accomplish with Devise, it's far more effort to change Devise than it is to write yourself". If you look at the link, there's actually a fair amount of work needed to make the simpler change of accepting either userid or email for the same password. It gets even more complicated when implementing your requirements.
Unless you really create your own system from scratch, either Devise or Rails' built-in has_secure_password both make several assumptions about the name of the attribute holding the password (i.e. that it's called password). And while there's an assumption that there's a (single) model containing the authentication information and this attribute, I see no reason why you couldn't have two models, perhaps both belonging to a User model, each of which provide the basic functionality of encrypting, storing, and validating the attributes for the method the user has used, but for which all of the other functionality is provided by the parent User record, and its controllers and views. Some simple logic in the User model determines which method is being used and farms off that functionality to the appropriate sub-model.
So yeah, it can be done, and I would suggest has_secure_password will be simpler in your unusual case.
But perhaps it's worth asking: if I am the first person to encounter this situation, perhaps there's an alternative that could meet my requirements that follows some existing convention or approach. For example, is this a "single sign-on" interface that provides authentication for several unrelated services? If so, that might be the thing to search for.
here is a complete tutorial to login with both username and email. you can replace username with user_id or whatever you required.
I'm using Mongoid, Devise and Rails 3.1.
I have four models: Students, Teacher, Parents and School (the main account). All them will log in on system. But, I don't want create four ways to login. I want create an unique login method using anyone this models, but with respectives roles (This is the minor problem, I already can do that with CanCan).
Anybody have a easy solution, without create a programming-hell?
Actually, people logging on to your system are all Users. So either you choose to let the classesTeacher, Student, Parent, SchoolRepresentative to inherit from User using STI.
Most of the times I prefer simply that a User has roles. And the role would then be teacher, student ...
The roles define what a user is allowed to see.
Hope this helps.
I am working on an app right now where I have Individuals, Athletes and Coaches. A coach has many athletes and they create athletes as well. Whereas individuals can just come to the site and use a different set of tools. So for functionality and logic reasons I prefer to keep the individual model separate from the athlete model.
When users come to the site I want them to login but it would be confusing to have 3 logins (coach, individual and athlete). Users coming to the site will get confused whether or not they are an individual or an athlete. I was thinking of putting a login link which would have an ajax menu with all three choices, which will look nicer but I still have the multiple login issue.
Does anyone have an idea on how I can make ideally 1 login form for individuals and athletes. I am using authlogic for authentication. I am not looking for code, I can go in and mess around, just wondering if there is a trick to this (making it easier for the user).
Thanks!
You might want to look at the devise gem (http://github.com/plataformatec/devise), this supports using multiple models for authentication.
Why not have the Individual, Athlete and Coach models be subclasses of your User model.
Then you can put all the authentication guff into User and it's available to all three - all through the same login form.
You want to assign Roles to Users. You don't need separate subclasses for each user type, model it so a user has_many :roles.
Have a look at this blog post for a detailed explanation - roles can be very simple if this is all you need.