Transitioning from devise to roll-your-own auth in Rails? - ruby-on-rails

I got started building an app which 20-30 people are currently using. I used Devise, and I'm now wishing I had not... for reasons such as ease of adding a guest user, etc.
I think I want to remove Devise, and follow the Hartl tutorial to create my own authorization.
Has anyone done this before? Do you have any advice?
Thanks!

Yes. Definitely start with Michael Hartl's tutorial. It is really comprehensive, detailed and very well written. More importantly, he always places an emphasis on security. So yeah, his tutorial is surely the way to go.
Good luck!

Related

Ruby on Rails - Login with Session

I'm looking for a good tutorial for Sessions in RoR.
Can you recommend me some sites? (Please not ruby.railstutorial.org/ruby-on-rails-tutorial-book)
Thanks
I'm assuming you're referring to user login/logout functionality - if you're willing to pay for it (I can't recommend enough that you do) Railscast has an excellent episode on authentication: http://railscasts.com/episodes/250-authentication-from-scratch-revised.
There are also free episodes on setting up Devise (a gem that does most of the authentication work for you): http://railscasts.com/episodes/209-introducing-devise - but I would again recommend building your own from scratch first so you understand the logic.
If and when you do decide to jump into Devise, their GitHub pages are very helpful as well, so check those out: https://github.com/plataformatec/devise.
http://www.quarkruby.com/2007/10/21/sessions-and-cookies-in-ruby-on-rails
I found the above link very helpful.

authentication page in rails?

I have tried a few examples in Rails and it went wrong in some way. Finally I looked at https://github.com/plataformatec/devise_example.git, which works correctly, but I find it difficult to understand how it works or the process of getting it done. So if someone can help me by explaining the steps involved in the same example if possible or the other, I can understand it. Thanks.
You might want to watch the RailsCasts episode on Devise: http://railscasts.com/episodes/209-introducing-devise

Rails 3 Authlogic Tutorial

What are some good Rails 3 tutorials for implementing Authlogic? The example listed on GitHub is quite outdated and while the Railscast example does a great job of explaining everything, it is beginning to show its age.
I've heard mixed reviews about Devise but after installing it, watching several Railscasts on its capabilities, and going through the tutorials I've decided to stick with it.
Try Devise, it's a lot simpler :)

Railstutorial : which parts of the app to upgrade first?

After finishing with Rails Tutorial by Michael Hartl, which parts of the sample app proposed in tutorial should I upgrade first? Authentication method comes to mind first..
Given the huge popularity of that tutorial, I suppose there is something like a list of steps to be taken for that app to become more up-to-date in this ever changing world of web dev etc. etc. etc.
Overall is it a good idea to use that app as a foundation for building something more advanced?
Thanks in advance!
I learned Rails with that book :)
However, even though the authentication algorithm used there is great to learn, in practice you can use other alternatives. For example I use the wonderful Devise gem (Railscasts 209 and 210).
There are some ideas at the end of the book that explain how you can extend the application. However, I think that building your own app from scratch is better now that you know how to do it.
After reading that book, I created some basic projects, and in parallel started reading The Ruby Programming Language and The Rails 3 Way.
Hope it helps! Welcome to the Rails world :)

Ruby on rails authentication guide

Does anyone know of a good guide on building your own authentication system in Ruby on Rails?
I want to roll my own system to use with my community I'm building :)
Thanks!
I'd recommend starting with Warden - it'll handle the very basics of sessions for you, and give you a good foundation to build your logic on top of. The Rails Warden plugin is a rather small library that helps integrate it into Rails. Both of these projects are fairly mature and well-constructed yet still under active development - they're good choices all around.
You should be aware of Devise, another authentication framework (like Authlogic or Restful Authentication) that is based on Warden. It may not be a good fit for your project (it wasn't for mine), but looking through the source might give you a few ideas on how best to use Warden.
The other thing I'll note is that, in terms of hashing passwords, you should absolutely use bcrypt.
Michael Hartl has a good book coming out soon and the first 8 chapters are available in PDF format for free here: http://www.railstutorial.org/ - they cover the entire process of creating a very solid RSpec-driven authentication system - can't recommend it highly enough.
Well, it came out a while after you asked your question but the best answer if you're keen to build your own authentication system rather than use something like Devise would probably have to be Ryan Bates' Authentication from Scratch Screencast.
Since authentication is a common problem that has been solved many times already, I would start by investigating the solutions already out there.
For example, have a look at Restful Authentication which provides a good foundation for authentication in Rails. Even if you'd rather roll your own system, playing around with Restful Authentication and understanding how it works should give you a good understanding of the components needed when you start building your own system.
Check out this article:
http://www.aidanf.net/rails_user_authentication_tutorial
The author goes, step by step, through an entire authentication framework, with suggestions on further improvements. Even tests are discussed.
I agree with Ritchie... Devise has some very nice features but it doesn't play nice with others. For many use-cases, the way it hijacks the routing can make your job more difficult. In many situations you may be better off rolling your own.
Devise has caused circular references in my Rails asset pipeline, and the settings in the initializer as installed (in the latest version as of yesterday) conflicted with the defaults in the migration it generated.
I have built enterprise-level authentication systems, including email verification, password recovery, etc. And none of it required the routing shenanigans that Devise uses. If you really need all the features, it may be for you. But there are lots of reasons to not use it, too.
