I have an application that uses the Authlogic gem and needs the functionality
of the Userstamp plugin.
AFAIK Userstamp works very well with RestfulAuthentication, though I couldn't find anything mentioning using it together with Authlogic.
Has anyone of you tried to combine them? Are there issues I should be aware of? Should I use a completely different plugin/gem to get the functionality of Userstamp in combination with Authlogic?
Thanks a lot for your help!
Well, I just found it out the hard way. ;-)
If you use Authlogic (2.0.11) in combination with Userstamp (2.0) make sure that Authlogic's current_user method in the ActionController is protected and not private (as is the default). Or you'll get a NoMethodError in User sessionsController#new.
Besides that it just works like a charm.
P.S.: There's no need to manually implement the set_stamper method in the ActionController. Authlogic and Userstamp work well with the method defined by the Userstamp plugin. If you've no idea what I'm talking about, just ignore this. :-)
Related
I am creating a Rails app that does not use a database. Instead, the model is managed using a Ruby API that wraps a legacy system.
I have a Ruby call that will allow me to validate a username/password combination. Is it possible to use Devise (or some other off-the-shelf authentication solution) in this case?
My hope is that I can override a few methods in Devise and still get many of the benefits.
Peter.
it is possible.
You may override the default authentication and use a remote service with Devise and Warden.
This blog post gives you details how:
http://4trabes.com/2012/10/31/remote-authentication-with-devise/
Let us know how it goes...
Good luck
If I understood correctly, you want to use Devise in your project to wrap old legacy authentication system.
You might need something like to define legacy_username and legacy_password methods, create a migration to adopt to Devise gem, and I believe you will find your way out.
Maybe this link can help you out: http://www.davidverhasselt.com/2012/05/13/how-to-migrate-passwords-from-legacy-systems-to-devise/
And also, maybe this - how to create custom encryptor in Devise - https://github.com/plataformatec/devise/wiki/How-To:-Create-a-custom-encryptor
I hope it will help.
I've been using rails for a while and have used restful_authentication for user logins for the past few years. However this doesnt seem to be getting maintained any more, so was thiking it is time to move to another plugin.
Does anyone have any suggestiosn on what I should be using / is the most popular these days.
Only requirments I have are
It needs to work with rails 3
It needs to work with a model called Client instead of the standard User model.
Thanks,
Jon
Checkout Devise, it's still maintained and there are a lot of support resources out there. It also has extendable plugins, so you can authenticate with Twitter, Facebook, or really any OAuth2 solution
Here are a few:
http://railscasts.com/episodes/209-introducing-devise
http://railscasts.com/episodes/210-customizing-devise
http://www.kiwiluv.com/techblog/?p=397
Have a look at Devise:
http://github.com/plataformatec/devise
Jon,
If you decide to go with Devise, note that you can manually override the default user class during installation. (The default is "User".) IMHO you're correct in that Devise seems to generally be maintained more, especially compared to restful_authentication. If you're torn between the two for your Rails 3 app, I'd recommend giving Devise a shot first.
Are there any updated tutorials for using OpenID with Authlogic? I'd heard good things about Authlogic, and the documentation makes it seem much better than Restful Authentication... but in trying to implement OpenID, 100% of the tutorials and information I've come across have been outdated (including Railscast #170). They depend on gems that either no longer work or no longer exist. And to add to the frustration, Github has been down for hours today.
Does anyone know of a simple updated guide to get OpenID working with Authlogic? Thanks!
The solution (if you're on Rails 2.3.8 like I am) is to use older versions of pretty much everything. I fond this app and simply copied the versions of the gems they were using: https://github.com/holden/authlogic_openid_selector_example. That meant using the authlogic_openid plugin rather than the gem form.
Things worked well after that.
We are evaluating plugins for Authorization in Rails. The two at the top of our list are
cancan and declarative_authorization.
I would like to get some feedback from anyone currently using either of these plugins.
The problem we are going to face with any authorization plugin is that we have a
database per customer model and will need to modify the plugin to work within that
model. Because of this fact I'm interested in hearing from anyone who has had to tweak the
plugins at all as well.
I'm just starting to look around at the code. It seems like cancan might be a little easier to customize.
Any thoughts?
Cancan is a lighter weight plugin for smaller sites. You can see a video on railscasts.
http://railscasts.com/episodes/192-authorization-with-cancan
I've used declarative_authorization with authlogic/restful_auth for several projects. It has everything you would need. 1) Model security. 2) Controller security 3) methods available to the view to check auth.
The only frustrating thing I've run into with declarative_authorization is me not reading the rdocs.
http://railscasts.com/episodes/188-declarative-authorization
Authority
I'd suggest you also check out my new gem, Authority. Because you do the actual logic in plain Ruby classes and methods, you can check any data source you need to: different databases, static files, phases of the moon via a web request, you name it. :)
I ended up using declarative_authorization. Now it seems that auth_logic is where the community is headed.
declarative_auth would have been really simple if it wasn't for our apps multi-tennant db
model. I had to modify the source a bit to make it all work, but it wasn't too tough to do, and
I was pretty green when I started this project.
It seems like you really can't go wrong with any of the solutions. cancan seemed cool too
but it would have needed more mods for what I was doing so I decided against it.
Its written by Ryan Bates though which is cool. Love rails casts! :)
I know this post is old but I figured I'll update any because you never know.
I would like to add authentication to my Rails app. I came across few plugins that do this: acts_as_authenticated, restful_authentication, Authlogic...etc
I haven't seen an article that describes differences, advantages and disadvantages of using each.
Can you help with that? which one do you use and why?
Thanks,
Tam
I recently switched from restful_authentication to AuthLogic. The main reason was because I found restful_authentication a bit too bloated for what I was trying to achieve. Check out Ryan Bates' brilliant screencast:
http://railscasts.com/episodes/160-authlogic
I've switched from restful_authentication to Authlogic, because Authlogic is a plugin/gem as opposed to a generator. This makes it infinitely easier to upgrade.
Authlogic is also geared around being extensible, so you can fairly easily use it with OAuth or Facebook Connect (there are Authlogic modules that implement this, but I'm not using them; it's super easy to create an Authlogic user session manually).
Stay away from acts_as_authenticated. It's ancient and unmaintained. As noted, restful_authentication is its successor.
I'm a bit late to this party, but Devise looks pretty good. I'm using it on a project after trying AuthLogic. There's a couple of railscasts on it as well. I like it so far...definitely worth a look.
http://github.com/plataformatec/devise
I personally tend to use restful_authentication out of habit, but I've made use of AuthLogic a few times. AuthLogic is a lot leaner and cleaner code and tends to be much easier to setup and integrate into a project. It is also is newer and more popular (or feels like it as of late), so it should be easier to find resources or help if you need it. I'd definitely go AuthLogic.
If you'd like to know more about restful_authentication and see how it varies from AuthLogic in practice, there is also a railscast for it.
http://railscasts.com/episodes/67-restful-authentication
If you are looking for alternatives to the standard username/password scheme and using only external identity providers, there is a new plugin called OmniAuth that works at the rack level (so it's independent from Ruby on rails) and supports multiple external identity providers like OAuth, Facebook Connect, Google and LDAP.
There are also two Railscast episodes on how to use it: Episode 1 and Episode 2
If I am correct, restful_authentication is the succesor of acts_as_authenticated. I would therefore strongly disrecommend using acts_as_authenticated.
I personally use restful_authentication. It just works the way I expect it to work...
There's also thoughtbot's clearance. Though I chose Authlogic because of the authlogic-oid open id "add-on" gem.