I'm looking for a good tutorial for Sessions in RoR
Can you recommend me some sites? ( Please not ruby.railstutorial.org/ruby-on-rails-tutorial-book )
Thanks
I'm assuming you're referring to user login/logout functionality - if you're willing to pay for it (I can't recommend enough that you do) Railscast has an excellent episode on authentication: http://railscasts.com/episodes/250-authentication-from-scratch-revised.
There are also free episodes on setting up Devise (a gem that does most of the authentication work for you): http://railscasts.com/episodes/209-introducing-devise - but I would again recommend building your own from scratch first so you understand the logic.
If and when you do decide to jump into Devise, their github pages are very helpful as well so check those out: https://github.com/plataformatec/devise.
http://www.quarkruby.com/2007/10/21/sessions-and-cookies-in-ruby-on-rails
I found the above link very helpful.
Related
I got started building an app which 20-30 people are currently using. I used devise, and I'm now wishing I had not... for reasons such as ease of adding a guest user, etc.
I think I want to remove devise, and follow the Hartl tutorial to create my own authorization.
Has anyone done this before? Do you have any advice?
Thanks!
Yes. Definitely start with Michael Hartl's tutorial. It is really comprehensive, detailed and very well written. More importantly, he always places an emphasis in security. So yeah, his tutorial is surely the way to go.
Good luck!
Basically, the app has to support sign up/sign in functionality and allow user to add friends and allow friends to chat.Since, I am just starting? with rails it's a bit overwhelming. How should I go about it
Also, the aim is not an application for production.
It'll be great if you could link to some working demos of the same.
Thanks!
If you are learning rails there are lots of great resources online. Try googling for a few.
I would suggest Michael Hartl's Rails Tutorial - http://ruby.railstutorial.org/ruby-on-rails-tutorial-book - it includes bits of what you want.
You would need ofcourse to read tutorials for rails beginners, I recommend the official rails guide.
For sign up/sign in, you could use the devise gem, and for chat push you could take a look at private_pub gem.
You can also check out a tutorial I did on how to achieve the same using devise and private_pub gem. I believe this should get you started http://goo.gl/l3e8zN
I poked around StackOverflow and Google, but couldn't find anyone who has put together a comparison of authentication gems or plugins for Rails (I'm looking for something for Rails 3). What authentication solutions are available for Rails 3, which are most popular, and what are the differences between them?
Ruby toolbox has a list of the most popular ones: http://ruby-toolbox.com/categories/rails_authentication.html
You can see that Devise and Authlogic are definitely the most popular.
Personally I use Devise. It works well with Rails 3, is easily customizable, and makes it very easy to integrate Twitter and Facebook based auth.
For a Rails3 App definitely Devise ;).
Devise is the only authentication system which provides security on all the 3 stack layers of rails: - In 'M', 'v', and 'C' and hence the best to go with. But you got to learn more on how to customize devise to custom fit your application's need. You can find help on customizing in this page https://github.com/plataformatec/devise/wiki/_pages
In Rails authentication from scratch is dead simple to do.
Ryan Bates covers this here http://railscasts.com/episodes/270-authentication-in-rails-3-1
devise, devise, devise
I am surprised OminAuth did not get a mention in any of the answers. (Agreed OmniAuth is more recent than this question is, but there are answers that came after)
Undoubtedly, this is the most exhaustive authentication solution available currently for rails applications.
Under the hood, OmniAuth uses OAuth2, which is evolving as the de-facto standard for authentication in web applications across platforms and frameworks. Almost all major internet players support OAuth2 - Github, Google, Facebook, Twitter, LinkedIn are just a few to name.
Of course, Devise works very well with OmniAuth so It should not be a major headache for those already using Devise
I'm a big proponent of rolling your own. Depending on your requirements its fairly straight-forward and reduced dependency on a key component. Rails 3.1 makes it even easier.
Kinda late to the party, but I wrote something up for it here:
http://zergsoft.blogspot.jp/2012/08/rails-3-authentication-compared-warden.html
I cover Warden, Devise and home grown.
The tutorial by Michael Hartl is great for learning how to set up your own.
http://ruby.railstutorial.org/ruby-on-rails-tutorial-book
I have used that on multiple apps and love the flexibility of setting up my own Authentication Method.
Though for the most part I use Devise and LOVE it. It is very quick/easy to implement, very secure, and does exactly what I need it do.
https://github.com/plataformatec/devise
I will typically use it in conjunction with CanCan and Rolify
Im learning Rails by building apps.
I want to make my first authenticated app: users signup, login, do some changes in models they have access to and logout.
I did the Google search but it is quite confusing: many plugins, many tutorials. Don't know where to start.
Is there a state-of-the-art authentication method for Rails? What do you use in Production to authenticate your users?
Any help in this will be helpful. Thanks
I've used authlogic in the past and have been quite happy with it. Ryan has a railscast (video tutorial) for authlogic here.
+1 to Jason, -1 to NSD and sparky. Authentication system is not the thing you want to build yourself, at least if you're aiming for production use. It's like inventing your own encryption algorithm - it's a lot more safe to use something extensively tested and well-developed.
I've also been using authlogic, but there are some alternatives over there - like the good old restful authentication, and devise, which I guess is more modern so to speak. BTW the two latest railscasts are devoted to devise.
If your application is simple and just want a simple and secure user login page you might want to look into the Restful Authentication plugin. Its very easy to use and if you don't have much authentication requirements this should do fine.
script/plugin install git://github.com/technoweenie/restful-authentication.git
script/generate authenticated user sessions
rake db:migrate
You can find out more by checking out this excellent railscast.
As A beginner I would recommend Restful Authentication as its simple to set up and will get you up and running with no time
following is a step by step guid
http://avnetlabs.com/rails/restful-authentication-with-rails-2
and authlogic - (http://github.com/binarylogic/authlogic) is another great plug in which is more flexible but requires some work to implement user registration and stuff
cheers,
sameera
One man's state-of-the-art authentication system is another man's worthless pile of garbage. You're almost always better off rolling your own in the long run. O'Reilly's Ruby Cookbook has some extremely basic examples that will set you off in the right general direction, then you can decide whether or not other people's solutions are right for you.
I would agree with NSD. Figuring out the plugins & how they should mesh with your application to me longer than creating an auth system in my latest application.
My tips - create a user_sessions controller and use normal CRUD methods to handle creating/destroying (ie logging in & out). Create another model for the user - it can handle create accounts & updating (ie changing passwords). Stick a :before_filter on each controller which needs protection.
Is there an automatic way in Ruby On Rails for authentication porpose?
What gem is this and what does it do?
Does it automaticly generate the tables and pages like when i should generate a scaffold?
There are some plugins that do code generation for you, but I strongly prefer Authlogic. Ryan Bates has an excellent introductory video.
I agree that Authlogic is a great choice for Rails authentication.
In addition to the links Alex provided, check out the authlogic_example Git repository for step-by-step setup instructions, including the proper migration to be using. You can still start with nifty_scaffold and then edit the migration, models, and controllers appropriately.