I am new to this community, but I am working on a site that requires implementation of a user/password/register check upon entry, which would check against a database, or write to the database, in the case of registration. I have experience with XHTML and CSS, and just discovered RoR. I honestly have very little insight into how to achieve my goal using just XHTML, so I decided to learn Ruby, taking a shot in the dark. I'm wondering if there's an easier language, or more direct fix that I should be implementing instead. Any thoughts?
I would recommend looking at Restful Authentication.
Also, for good code examples in general, have a look at Altered Beast. It's a forum built in Ruby on Rails and it uses Restful Authentication.
Are you looking for information on how to implement user authentication in Rails? You could try acts_as_authenticated.
Check out the book called Agile Web Development with rails. It has two parts, a step-by-step walkthrough of creating an application, and a reference section on rails. I recently started a contract job where I chose RoR as my framework without any experience in it. This book has been an immense resource to teach me Ruby on Rails. It also specifically teaches how to implement the authorization you are talking about.
Related
I am doing a project on creating a lab application for a next generation sequencing data using ruby on rails.
The main idea my boss suggests me to do is to have users fill in their details and submit to us. After the submission, the administrator, i.e. me, would send them a password which they can use to login my application. could some one help me with the idea of development. I am naive to ruby on rails and would be very grateful for people who help me.
thank you and cheers
I would start with Michael Hartl's RailsTutorial. Not only did I find it the best way to get started - the application he builds includes a bombproof user security model, just as you require, and so you'd be both learning and developing something relevant at the same time.
I'd also recommend buying the videos, as well as the book. They make all the difference.
Are you new to the whole web development thing or is it just Ruby on rails that you have no knowledge of?
If the former, I'd suggest googling some Ruby tutorials on how to make a simple web application and build from there. Start by a simple "Hello world" application, then proceed to handle submitted forms, then install and use a database and by then you should have the basic knowledge to build what you want.
If the latter, could you specify, what parts you need help with? Ruby is syntactically quite easy to learn if you just take a look at some tutorials, so that shouldn't pose any problems. You have described a simple use case which I'm sure you can handle in a new environment, if you just have the patience to try and learn.
This question aims to understand RoR and frameworks in general. It looks like RoR never had any standard user authentication system. Was it just historical reason (just happened naturally as it did)... or could it be intentional? Because RoR is a website building tool, more often than not, user authentication is a crucial part of a website.
To put it into perspective, another question is, do other popular frameworks, Django, Symfony, CakePHP, have user authentication built in?
There is no reasonably generic way to do user authentication. Most frameworks leave it up to you to choose the plugin that most closely matches what you're trying to accomplish.
For example, consider these two situations:
a blog which has a single administrator with password-protected admin-facing tools
a site like YouTube which allows users to sign up and administer their own content
Both of these sites would require vastly different authentication systems; which of these systems should Rails cater to out-of-the-box?
The Rails core team wanted to ensure that Rails was open-ended enough to make anything you want. There is no one-size-fits-all authentication scheme, so the core team decided to leave it out. Rails is easily extendable via gems and plugins, so that is where they belong.
Some examples are Warden and the Rails Warden plugin, Devise, Authlogic, and Restful Authentication.
CakePHP has a built in Authentication component that is pretty straight forward and easy to implement.
Most of these frameworks you mentioned are toolkits, not complete products. You build these things yourself, or leverage plugins from the community. Django's admin plugin/module has authentication out of the box though. Drupal does too, as a matter of fact.
Authentication can be(and is in my opinion) a matter of taste and need. If Rails was including things like that, it would start to become a website and not a framework. The programmer has to be free to choose among various implementations. That is why gems are available.
I've been programming a little in Rails and CakePHP, and I can say that Rails doesn't need to provide a mechanism like this. The community is very very good, and there are many examples (already said, like Devise, Authlogic...) made by very good programmers. Of course, there are many tutorials online (and also, railscasts, which are simply awesome) to program a succesful set-up for your project. So, if we have all of this, why should we need something like cakePHP mechanism? It's OK, it works, but there's just a very good tutorial and that's all( and maybe enough..). So, in the end, if u have a nice community you shouldn't care about the core of the technology, there will be always someone else more experienced with your needs that will do it for you. And if you don't find it, do it by yourself and in the proccess you will find a lot of help! :)
I wanted to make a web site with the following basic features- (1)User registration for buyers and sellers. (2)profile pages (3)A buyer should be able to post work and should get profile links of the corresponding seller who has expertise in that work.
As time progresses i would want to add more features to the site.The freelancer sites where user can post jobs and get bids is the best example of the work.
(1)I want my code to be maintainable as i woud be adding features later on. (2)It should be quick to develop. (3)Resources should be available(not the entire thing, atleast in bits and pieces) for the above requirements and should not be tough to find for future enhancements. (4)Design should be decoupled from the buisness logic as i would outsource the design work.
I was thinking of Ruby on Rails for this work as i have experience in the MVC model and RoR looks cool.I am from the mobility domain so i don't know whether RoR will suit my work
Would RoR suit this purpose.If yes where can i find the resources to the above mentioned requirements.
Thanks
Ruby on Rails would be ideal for this type of website.
Check out some of these resources for info on how to use Ruby on Rails:
http://guides.rubyonrails.org/
http://railscasts.com/
http://www.railsforum.com/
I noticed you are already aware of TeachMeToCode, but there is a tag there for all the Rails 3 tutorials, with some blog tutorials and what looks like the beginning of a series on how to build a del.icio.us clone. Since they are in Rails 3, they would be well worth checking out:
http://teachmetocode.com/screencasts/tag/rails-3/
One of the best tutorials:
http://railsforzombies.org
It will let you have your own point of view quickly.
It depends on with which languages you have experience. Any good MVC framework will do the job just fine but if you like Ruby syntax RoR is definitely a good framework to develop this kind of application.
It seems that a lot of Ruby on Rails questions are related to AuthLogic. What are the advantages of it that it is so popular?
It's popular because with Rails 2.2, it was the most complete authentication plugin system.
The authentication is often the base of each web application. It's quickly used on a lot of projects and often beginners start by blindly adding the authlogic plugin. The beginner doesn't understand how it's works, and ask some questions on SO.
There is a new, great, and complete plugin for Rails 2.2 and Rails 3. It's called devise. A lot of people come with questions about it as well.
Each plugin is good, each is different. You just need to choose what you want.
There are a few self-contained user frameworks, and AuthLogic is one of the earliest full-featured varieties. Thoughtbot is also pretty good at marketing their technology, and their other gem, Paperclip, is very popular as well.
The advantage of AuthLogic is that you can get slap on a user authentication system quite easily to an existing application without having to roll your own, something that is challenging for someone unfamiliar with Rails.
Because it works.
Does anyone know of a good guide on building your own authentication system in ruby on rails?
I want to roll my own system to use with my community im building :)
Thanks!
I'd recommend starting with Warden - it'll handle the very basics of sessions for you, and give you a good foundation to build your logic on top of. The Rails Warden plugin is a rather small library that helps integrate it into Rails. Both of these projects are fairly mature and well-constructed yet still under active development - they're good choices all around.
You should be aware of Devise, another authentication framework (like Authlogic or Restful Authentication) that is based on Warden. It may not be a good fit for your project (it wasn't for mine), but looking through the source might give you a few ideas on how best to use Warden.
The other thing I'll note is that, in terms of hashing passwords, you should absolutely use bcrypt.
michael hartl has a good book coming out soon and the first 8 chapters are available in pdf format for free here: http://www.railstutorial.org/ - they cover the entire process of creating a very solid rspec-driven authentication system - can't recommend it highly enough
Well, it came out a while after you asked your question but the best answer if you're keen to build your own authentication system rather than use something like Devise would probably have to be Ryan Bates' Authentication from Scratch Screencast.
Since authentication is a common problem that has been solved many times already, I would start by investigating the solutions already out there.
For example, have a look at Restful Authentication which provides a good foundation for authentication in Rails. Even if you'd rather roll your own system, playing around with Restful Authentication and understanding how it works should give you a good understanding of the components needed when you start building your own system.
Check out this article:
http://www.aidanf.net/rails_user_authentication_tutorial
The author goes, step by step, through an entire authentication framework, with suggestions on further improvements. Even tests are discussed.
I agree with Ritchie... Devise has some very nice features but it doesn't play nice with others. For many use-cases, the way it hijacks the routing can make your job more difficult. In many situations you may be better off rolling your own.
Devise has caused circular references in my Rails asset pipeline, and the settings in the initializer as installed (in the latest version as of yesterday) conflicted with the defaults in the migration it generated.
I have built enterprise-level authentication systems, including email verification, password recovery, etc. And none of it required the routing shenanigans that Devise uses. If you really need all the features, it may be for you. But there are lots of reasons to not use it, too.