I use ember js + rails. I wanna to make user authorisation like Devise + Cancan in Rails. All i need is 2 roles : user and admin and i want to implement role and authentication controlling in ember js. All manuals that i found where very old. Mb you can give me some examples of app where such things are done?
Thanks for help.
Check out this blog post. It goes over how to use devise and emberjs. Not sure how the cancan would work on the client side, you'd have to come up with your own logic to do that.
Related
I've read multiple blogposts and watched the railscasts episodes to APIs. But I still got one problem, I'd like to use the API in a way Facebook or twitter does. It should be possible to register an API client. The client should become an id and an secret (should be the same like username or password, right?).
Somehow I think devise could do everything for me but I'm not sure cause I'm kinda new to rails.
Is there a best practice or is the devise solution a good and common one?
Thank you guys! <3
You should use the Doorkeeper gem. Here is a demo app using rails, devise and mongoid.
Booth that services use OAuth so if you want to implement similar functionality you can use this technology also.
Is there a non-trivial example / tutorial that implements Devise + CanCan in an Ember.js + Ember-data + Rails app?
There is not. FWIW a simple approach for ember/rails apps is to use rails primarily as API and assume user has been authenticated externally. So you can use standard rails/devise login/signup pages, then send authenticated users to ember app. Then ember app calls api in context of an authenticated user and your api uses CanCan to determine role and return appropriate data. Make sense?
I used this site which has been pointed out by a few people working with ember as a reasonable way of doing things. It is more or less what #Michael Grassotti is explaining above.
There are a lot of blogs about all kind of changes you have to make on Devise before it would work, but they are quite old, I had Devise working nicely very quick, without any changes. Be sure to make a User serializer (active_record_serializers) which is skipped in the link above.
The proper answer to this question is still "no", but there are some decent resources from which you may be able to construct your own:
The in depth and up to date tutorial for heartsentwined's ember-auth-rails-demo, which uses devise with his ember-auth-rails gem and ember-auth library.
Richard Livsey's fantastic blog post about adding a #can helper to ember.
Delwyn's stackoverflow sample code for serializing CanCan abilities so you can reference them on the client side. Still up to you to get them there and use them though.
I'm new to Ruby on Rails and one of the things that I like is the admin generator bundles like RailsAdmin ActiveAdmin etc.
In my next project I'd like to use Ruby on Rails 3 and ActiveAdmin as backend. But I have no idea of how to achieve ACL in ActiveAdmin.
Can someone explain or point me in the right direction please?
Active Admin uses the Devise gem for authentication. The Devise team have a wiki on how to use cancan for authorization here https://github.com/plataformatec/devise/wiki/How-To:-Integrate-with-CanCan-for-roles-management
ActiveAdmin has rather poor support for authorization in my opinion. If you want integrated CanCan then I recommend going with RailsAdmin. It unfortunately is not as customizable as ActivAdmin though.
Prefface
I'm new to rails & programming. Working on my first rails app--I have authentication with omniauth and devise and a simple article submission working for users.
I want to do two things:
If a user isn't a specific role,
reroute them to another page.
If a preference is 'offline' only
allow admins to view the site.
I have yet to create a prefferences table--looking for suggestions. :)
What's the best way to set up simple roles?
What's the easiest way to redirect users if they're not admin and if the site is 'offline'?
I'm currently using CanCan for role-based authorization on my current project. I've found it works great including the ability to do both of what you're looking for. And the documentation! Oh, the documentation. If all gem authors wrote documentation like CanCan's, I do believe it would bring about world peace.
And as an added bonus, because it was written by Ryan Bates, it has a RailsCast already recorded for it.
Hey, i need some help with rails, again! Last it was about Authlogic.. Well I'm gone a bit backward since.. I mean, Authlogic isn't a Authentcate system i like.. So now i wan't you guys to tell me what you think is the best!
I going to use it to a project of mine. Where there has to be a few roles like Admin, User and Guest.. So might you guys can tell me what is good and what is bad..?
You need to split authentication from authorization.
Authentication covers the login/logout process. Authorization is directly linked to permission to see/use resources.
Authlogic is a very good authentication gem.
For authorization you can check CanCan from Ryan Bates, which is very simple to integrate with authlogic (just a single file in the models folder called ability.rb in which you configure all the app authorizations).
EDIT: You can also go with a simpler solution but you will lose flexibility
I used Devise and it worked quite well, however it did not met my needs...
What you might need however looks like something super simple, something like this: http://railscasts.com/episodes/21-super-simple-authentication
I use Authlogic for authentication and DocSavage's Rails Authorisation plug-in for authorisation needs. Its a simple yet powerful plug-in.
Rails authorisation plug-in: http://github.com/DocSavage/rails-authorization-plugin