I have a simple asp.net mvc 5 site with its own authentication system. Users can sign in either using my site's account or from external such as facebook or google, etc... I want to add a commenting system to allow users feedback on the site's content.
I have tried using Disqus by embedding its universal code script snippet and things seem to work fine. However, the problem is that Disqus requires users to log in again via its own authentication. If users have signed in to my site, I don't want users to do that again just to leave comments. After some searching around I concluded that Disqus was not really what I need and decided not to use it.
Now I am trying to determine whether there's a commenting system that'd be easy to integrate to my site or if I should just implement my own. I don't care too much about nested comments, if it's supported then better but otherwise no big deal.
There is a solution to your problem, and that is single sign-on which is a disqus feature offered for free.
More info - http://help.disqus.com/customer/portal/articles/684744-getting-started-with-single-sign-on
Related
I am considering implementing a Facebook-integration to my web app. I want to be able to import friends names, their ages and their interests/likes.
A. First off, is this possible? Can I access this information?
This import will, more or less, be a one-time import.
I also want to be able to use Facebook-login and to use it parallell to my "normal" login (auth) functionality. I assume this should be quite straightforward since most websites have it this way (e.g. Fiverr.com).
B. These two things being my basic needs of my Facebook-integration, which gem would you recommend me to use?
C. I am 1 1/2 years into RoR and consider myself decent at Rails-programming but hardly know any JavaScript and very little jQuery. Will this integration be very difficult for me, you think?
Receommendations of useful blog posts etc will also be appreciated!
A. Check facebook doc on permissions. I'd say you can get a user friends list (id and names), but nothing more : the friends would have to allow your app in order for you to retrieve their data. I've stumbled upon this issue a few weeks ago, but we were retrieving albums and pictures. The data you want is less sensitive, so maybe you can do it anyway. Bottom line : check.
B. I'd suggest using devise for managing everything related to authentication. It is a well known gem, used by many and more. You can add support for facebook via omniauth; there's a wiki page on devise about how to achieve this.
C. Once you get your grasp around the OAuth concepts, you'll be good. You can use facebook connect without javascript/jQuery. Some features though, as the "like button", will require to use the js SDK. Besides these ones, you can do pretty much everything server-side. For more advanced queries, the koala gem can do that.
Hope this is enough for you.
So, this may be a kind of dumb question, but I checked the Google and got no hits. We want to host multiple Rails apps in a way that makes them look homogeneous. We want all the apps to have the same look and feel, and all the apps to use the same sign-on database.
Theming I think we could accomplish by just putting the site theme into a gem, and requiring that gem from our github repository in each app. However, auth is trickier.
I know that I can achieve this "for free" by just not making the different portions of the site (store, chat forums, etc.) different apps. If they're all, say, Rails Engines, we can basically drop them into the same application with their own namespaced routes, and have a single plugin that does auth.
However, for various reasons we'd like to keep these separate apps, if that's technically possible. The number one reason is scalability; since this will be a hosted site, we want the flexibility to spin up more instances of, say, the store (perhaps to handle a holiday sale rush), without needing to spin up the chat forums. Also, we want to be able to completely isolate the portions of the code that AREN'T intertwined.
Ideally, the databases would be separate too (keeping us from falling back into the rut of "put everything including the kitchen sink in the db"), but I do know that one "cheap" way to do cross-app auth is just to use the same plugin (say, Devise), and just point to the same DB.
So, I'm thinking that maybe the way to do this is to auth via a web service call. Is this prior art -- does anyone have a gem for this that "just works" so that authentication can be shared across all apps? Or am I just entering into a world of pain by trying to build things this way?
Thanks in advance!
You could do a single sign on approach described at:
http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/
The single sign on approach with oauth and devise has some drawbacks. The main problem I had was I was unable to extend the timeout time across multiple apps.
We have a website, and want to allow users on the site to chat with the providers (if they are online). To make it as simple as possible, we'd either ask the providers for their Google Voice/AIM username or just ask them to have our website open.
Any ideas on best ways to implement this (we are using HTML5/CSS3/RoR3 and don't support old browsers) or even better, perhaps a solution out there that does this. To my knowledge, olark, livechat, etc don't provide this...
FYI: I prefer an open source solution vs. building it myself.
There was a recent railscast regarding messaging where Ryan built a chat program with push support (not polling). Seems a decent place to start if your requirements are easy going:
http://railscasts.com/episodes/260-messaging-with-faye
I need to create a web app where people will sign up, call it main-app.com, when they sign up my code will generate a usersite.my-app.com, they will login and only be able to manage their mini site. My question is, is it correct to model this out by creating a table for site, a table for user, users belong to site and site has many users. Then I should create a content table that belongs to user AND site?
Is that right?
I am working on this for one of my apps at the moment using the Devise authentication plugin.
To get the central user environment, I was simply going to shard the database using Octopus, Connection_ninja. All are on Github
It's a starting point but not the full solution I'm afraid as I haven't got there myself yet. There are going to be issues to consider such as determining authorization of app specific resources based on which site the user has registered.
Alternatively, The latest edition of Ruby Weekly links to an interesting article on a Ruby implimentation of the Central Authentication Service protocol. It will be worth a read - http://blog.econify.com/2010/12/introducing-classycas.html
Hope this helps a bit...
I'm looking to build an application that handles authentication and authorization for a variety of smaller apps that may or may not be rails applications (e.g. some with sinatra, some with non-ruby frameworks, etc). These applications will be on separate domains.
Can I do this with Authlogic? I do not want to setup a rails application for each application, just use a central authenticator. I'm sure as I start reading and working the answer would become evident, but I'm trying to avoid a dead end (doing work and research, then finding out this can't be done.)
From what I've read this is a use case, and I'm looking for input from people who've done similar. This is at the idea stage so if i can offer more detail, let me know.
I think you are planning to build a cross domain, single sign-on service. Besides building your own, there are a quite a few project that do this out of the box.
rubycas is one of them : http://code.google.com/p/rubycas-server/
You could also look into open Id (http://openid.net), where the login functionality is done by a third party authentication server.
In case you want to roll your own:
It doesn't really matter which authentication plugin/system you will use. (I would choose devise/warden, but Authlogic will do just fine). Instead you need to focus on understanding the security problems and the http interaction between your service, the browser and the application for which authentication is used. I think it's doable, but you need to know what you are doing.
Today, the cool kids use warden, or the railsy thingy devise.
Im not sure but i think you cant use authlogic with a non-ruby-app.
I would probably go with Devise as well but you should look into some plugins for it like JanRain's Engage (used to be RPX Now). It allows you to use quite a few social login options (Facebook, Twitter, etc.) http://www.janrain.com/products/engage.
Ryan Bates from Railscasts.com just posted an episode on Devise using Engage this morning. http://railscasts.com/episodes/233-engage-with-devise
There are some more episodes about Devise on Railscasts too. http://railscasts.com/episodes?search=devise
If I were you I wouldn't reinvent the wheel. I'd use a third party service to authenticate and just get on with the project. Social connectors such as Engage will provide this functionality for you without all the time and expertise.