Home
Welcome to the Sorcery wiki!
This wiki is a work in progress, and constantly improving.
Sorcery is a stripped-down, bare-bones authentication library, with which you can write your own authentication flow. It was built with a few goals in mind:
- Less is more - less than 20 public methods to remember for the entire feature-set make the library easy to 'get'.
- No built-in or generated code - use the library's methods inside your own MVC structures, and don't fight to fix someone else's.
- Magic yes, Voodoo no - the lib should be easy to hack for most developers.
- Configuration over Confusion - Simple & short configuration as possible, not drowning in syntactic sugar.
- Keep MVC cleanly separated - DB is for models, sessions are for controllers. Models stay unaware of sessions.
Hopefully, I've achieved this. If not, let me know.
You can see how controllers, models, migrations and views can be used in Rails 3 with Sorcery by checking out this example application.
There is also a mongoid branch at the same URL, showing how you can use Mongoid as your ORM.
Rails Tutorials:
Simple Password Authentication | Remember Me | Session Timeout
User Activation | HTTP Basic Auth | Reset Password | Password-less Activation
Activity Logging | Brute Force Protection | External
Routes Constraints | Fetching currently active users
Testing Tutorials:
Tutorials in another sites:
Magical Authentication with Sorcery by Ilya Bodrov on Sitepoint.com
AnyLogin gem for quick login as any user without password.
Meta
Using Sorcery
- Activity Logging
- Brute Force Protection
- DataMapper Support
- DelayedJob Integration
- Distinguish login failure reasons
- External
- External---Microsoft-Graph-authentication
- Fetching Currently Active Users
- HTTP Basic Auth
- Integration Testing
- OAuth Landing Page
- Password-less Activation
- Remember Me
- Reset Password
- Routes Constraints
- Session Timeout
- Simple Password Authentication
- Single Table Inheritance Support
- Testing Rails
- User Activation
Contributing to Sorcery