I have two apps. They are different code bases. One is in Rails 3.2 and the other is in Rails 4, one on Heroku, one on AWS, both use postgresql. I have users that are signing in to both apps. I would like to make it so that if you signed up for one app (a specific one) then you can use that log in information to sign into the second app.
What is the best way to go about doing this, give one omniauth functionality?
What is the simplest/fastest way to do this, seed one database with other database info?
I know best and fastest might be different approaches.
Thanks for your guidance!
On the top of my head, expose an authentication API on both applications and use one's method in another's authentication process. So if a user signs up in application A his data is in application a. When he signs in first try to authenticate on application a, then use API from application B and if both fail then you can redirect him to sign up or whatever.
This was you don't have to duplicate data from one db to the other.
Related
I want to create a web application in which the main application shall be built using a PHP Framework or RoR. However, there are some sections only, that need real time updates (e.g., collaborative editing, real time feeds) etc. Is it possible that if a user is authenticated on the PHP/RoR app, the user session data can be passed on to the meteor app ? Can the 2 applications share the same database? Any insight on how do I go about implementing this ?
While it is possible to do what you've asked you should possibly ask yourself if you can't achieve your goals with one tech stack. Having multiple tech stacks like Meteor and RoR / PHP means anyone that wants to work on your codebase needs to know all of these frameworks. Additionally you might be able to achieve your requirements around collaborative editing and real time feeds using PHP or RoR.
Since you have not posted your requirements it is hard to make concrete recommendations but maybe you should list your requirements use the least complicated tech stack to implement it.
Are you aware that RoR 4 has built in support for streaming: http://tenderlovemaking.com/2012/07/30/is-it-live.html
You might be able to implement your collabaration requirements using a JS library liek Angular or Ember JS which uses Ajax to keep the users screen in sync with what other users are doing.
Also, this blog post on how Trello is implemented might give you some ideas. They have a great web interface for collaboration: http://blog.fogcreek.com/the-trello-tech-stack/
With regards to your questions:
Two applications implemented in two different technologies can share the same database. You will need to choose a database that is supported by both technology stacks that you want to use. After that, point both applications at the same database.
If you authenticate a user in PHP/RoR app, you can then set a cookie for the user. Assuming your Meteor app is served from the same domain, you can then read in this cookie which might contain some kind of identifier for the authenticated users session. Your Meteor app could then check the db to see if this is a valid session for an authenticated user.
So, this may be a kind of dumb question, but I checked the Google and got no hits. We want to host multiple Rails apps in a way that makes them look homogeneous. We want all the apps to have the same look and feel, and all the apps to use the same sign-on database.
Theming I think we could accomplish by just putting the site theme into a gem, and requiring that gem from our github repository in each app. However, auth is trickier.
I know that I can achieve this "for free" by just not making the different portions of the site (store, chat forums, etc.) different apps. If they're all, say, Rails Engines, we can basically drop them into the same application with their own namespaced routes, and have a single plugin that does auth.
However, for various reasons we'd like to keep these separate apps, if that's technically possible. The number one reason is scalability; since this will be a hosted site, we want the flexibility to spin up more instances of, say, the store (perhaps to handle a holiday sale rush), without needing to spin up the chat forums. Also, we want to be able to completely isolate the portions of the code that AREN'T intertwined.
Ideally, the databases would be separate too (keeping us from falling back into the rut of "put everything including the kitchen sink in the db"), but I do know that one "cheap" way to do cross-app auth is just to use the same plugin (say, Devise), and just point to the same DB.
So, I'm thinking that maybe the way to do this is to auth via a web service call. Is this prior art -- does anyone have a gem for this that "just works" so that authentication can be shared across all apps? Or am I just entering into a world of pain by trying to build things this way?
Thanks in advance!
You could do a single sign on approach described at:
http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/
The single sign on approach with oauth and devise has some drawbacks. The main problem I had was I was unable to extend the timeout time across multiple apps.
I am building a website for a client that wants to be able to make edits to things on their website. As such I need a way to allow the client to login to the site to make their changes.
My initial thought was to make an authentication system that relies on a User table in the database that is capped at one and only one user. It seems sort of overkill however to make a database table for just one result, so I was wondering if there were any other approaches or best practices that anyone could point to for building a site with just one user.
You could simply authenticate with a static password that is received from a file(encrypted), if you do not want a db model for that.
However, setting authentication with a gem like Devise is like 10 minutes of work. In order to be more secure(it can be a matter even in single user apps), you can set it up and be fine :)
I would highly recommend you set up authentication. As SpyrosP said it does not take long when you use Devise.
I need to create a web app where people will sign up, call it main-app.com, when they sign up my code will generate a usersite.my-app.com, they will login and only be able to manage their mini site. My question is, is it correct to model this out by creating a table for site, a table for user, users belong to site and site has many users. Then I should create a content table that belongs to user AND site?
Is that right?
I am working on this for one of my apps at the moment using the Devise authentication plugin.
To get the central user environment, I was simply going to shard the database using Octopus, Connection_ninja. All are on Github
It's a starting point but not the full solution I'm afraid as I haven't got there myself yet. There are going to be issues to consider such as determining authorization of app specific resources based on which site the user has registered.
Alternatively, The latest edition of Ruby Weekly links to an interesting article on a Ruby implimentation of the Central Authentication Service protocol. It will be worth a read - http://blog.econify.com/2010/12/introducing-classycas.html
Hope this helps a bit...
I have two Rails applications, let's call them A and B. A has existing user base and i want these users to be able to log in to B with the username and password managed in A.
B is altered version of Altered Beast forum and it would be nice if users of my application do not have to create another user account to use forum. My initial thought was just to swap out the User model with ActiveResource model. Forum is hosted on a different server so direct database connection to A's database is too much trouble.
My question is that is there any plugins or authentication system extensions that handle this kind of setup.
Altered Beast uses the restful_authentication plugin. Could you not just use the same plugin in application A pointed to the same database?
Edit:
Use a cooooooookies from application A.