I'm planning to build a group of several Rails applications on Heroku, and I want to share accounts, user data, and maybe some other information between these applications and the "main" Rails app. What would be the easiest and most effective way of doing this?
I've heard that one way of doing this is to make all the applications share the same database, but I'm not sure if that's really the best solution in my case since I only need to share some information between these apps. Another thing I've considered is using the CAS protocol, but that only seems to handle authentication (I can't use it to get user's names and email addresses). Suggestions?
Here's how I'm considering doing this.
Create a master app with user authentication.
Have each sub-app do omni auth with the master app.
Then the master app will house all the user data, and the sub-app will get the authentication info necessary plus the user data. I haven't figured out how to make sure that new user data will be saved in the master app, but it seems like you would just send the user to the master app, then have them returned once they've entered the data.
Any suggesting from you Rails experts out there before I sink a week into doing it this way.
Related
I recently switched to a new company where my manager wants me to develop entirely new cloud based project in MVC. I have never worked on a project from the start and I think this is a good opportunity for me to lead.
However, I think the requirements of the clients are bit confusing.
Here is what he wants:
Client should be able to access the cloud hosted application from his network with single sign on. He wants to use his active directory for that.
There are different users in active directory, they will have different roles (I think we can handle this on database side. Create different roles and assign roles to users).
Client has to add vendor info in the application. But for this, system should send an email to vendor with the url of the cloud application. He wants user to login to the application using 2 Factor Authentication. So, send dummy password with url, and send OTP to his mobile number. Just like registering to any system.
Now my questions are:
Is it possible to have 2 different types of login mechanisms in the same application? SSO for client and 2FA for outside vendors?
If yes, could you please guide me in the right direction?
what things I need? Which framework, design pattern should I prefer?
How do I proceed ?
There is an existing application that a user logs into. At a certain point within the existing user workflow the new application I am working on takes over for the existing application and some data from the current session needs to be shared. I was given an idea of digitally signing the data to ensure it is secure, but I am having trouble figuring out how I would implement this and how to share the session. The application I am working on is a rails app.
My question really contains two parts, if you have an idea for one and not the other, that's great:
1) Do you have an idea on how I would share the session between both applications?
2) Would you have an idea on how I would use public/private keys to encrypt the data I am sending?
You can use RubyCAS for manage sessions between applications. It's easy to use and you can integrate it with Devise.
https://github.com/rubycas/rubycas-client
https://github.com/nbudin/devise_cas_authenticatable
I have been working on iOS application for sometime, and I am using Core Data to manage the SQLite database for the application. The users of the application can update the data associated with their account using the application, but I would like to create a simple web form where users could update certain information asosciated with their account. Basically I would like a user to be able to access a web adress from their personal smartphone or computer, login, then update information asociated with the account stored on the iOS device. What are the possible solutions I could use to accomplish this?
Breaking down your question:
Currently you have an iOS app which uses a local SQLite DB to store data
You want to let users update information in this DB remotely (i.e, via a web site)
Unfortunately to do this you're going to need to make some significant changes to how your app works. This is because it's impractical - if not nearly impossible - to do this kind of thing and keep the database local to your device.
The standard way of achieving this would be to store your database remotely on a web server, and then have both your app and your web form interact with this server to retrieve and update data.
There are lots of different ways to do this. Fundamentally, you'll need a server running a database, and a web service to access it. You could implement this yourself, using something like MySQL or PostgreSQL, along with a language of your choosing (Ruby, PHP, Node, etc). Another option is to use one of several 'backend as a service' providers. These are companies that provide 'out of the box' backend functionality for mobile apps. Two popular providers are Parse (owned by Facebook) and Stackmob.
Whether you choose to do it yourself or use a backend provider will depend on how confident you are. It's not an especially hard or tricky thing to put together on your own, but there are several common pitfalls you're likely to encounter.
I am interested in deploying a Node.js along side my Rails application server. Just as a reference, I plan on using socket.IO to create a chat server, so users will be able to chat inside of my web application.
My current application uses Authlogic to authenticate users. I would like to ensure that only a user cannot read other users' messages, so I will need to authenticate the user session somehow. My Node.js will have access to my database, and I know Rails can store the sessions inside of the database, so I would like to use this feature to authenticate chat users. The problem is, I have no idea how to go about doing that. I'm not even sure what information is present in the session, and I do not know how I can use this information to authenticate a user.
Thanks in advance!
The rails session is tricky to use from other languages: it's just a serialised ruby object and pretty much the only documentation for the marshal format is the implementation/rubyspec.
However authlogic doesn't actually store anything in the session: it has a separate cookie (user_credentials by default, assuming your model is User)
The data in that cookie is "#{user.persistence_token}::#{user.id}", so you should be able to easily verify this from your js code
I'm building a standalone couchdb application. These are called couchapps. The idea is that the database itself is served on port 80 and returns HTML and works as the actual website. This is a very powerful idea and I'm entirely amazed by this new concept of having your code live inside your database.
But I'm having some issues with user registration. The one built into couchdb allows for cookies to be set and makes it really easy to plug it into your website. But there's several quite important things missing that my app requires in order to say that it has a "proper" user registration system.
There's no signup verification. No email is sent, no captcha is displayed. This means that anyone could spam your _users database and create as many new users as they please.
If a user forgets their password there's no facility to help them recover it.
Any idea how I could overcome these issues without doing any hardcore Erlang development at a lower level (not an Erlang guy)? It would also be great if anybody knew if I could be using OAuth to authenticate against Twitter or GitHub accounts and have that integrate seemlessly with how couchdb data is handled (inside validate_doc_update functions).
Thank you
While the built in user database can work, I would not recommend it for the workflow you describe. Here are some other options:
Browser ID
I would really recommend using BrowserID. IrisCouch has provided a plugin to couchdb here:
https://github.com/iriscouch/browserid_couchdb
This will take care of the normal registration workflow.
If you want to take it a step further and have your users "Fairly Anonymous", you can follow the example of this couchapp called "Mingle"
https://github.com/thedod/Mingle
Twitter Integration
Max Ogden's "DataCouch" project has a log in via twitter, although it is using some Node external processors to make it work. See here:
https://github.com/maxogden/datacouch/blob/master/processors/auth/twitterauth.js
Facebook integration
https://github.com/ocastalabs/CouchDB-Facebook-Authentication
OpenID
https://github.com/mcaprari/couchdb-openid
I dont think you can use the oauth purely with Couch, as this post suggests:
http://bennolan.com/2011/01/11/couchdb-oath.html
so the closest you will get there is following what Datacouch has done.
Hope these suggestions help.