Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

An Authentication and Access Control library for Ramaze.

branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

README
## Ramaze AuthAC Part ##

Version 0.6.0
2008-02-10

### Installation ###

0. Dependencies:
   Your choice of DB interface:
   m4dbi   http://rome.purepistos.net/m4dbi/m4dbi-nightly.gem
   sequel  gem install sequel
1. wget http://rome.purepistos.net/auth-ac/auth-ac-latest.gem
2. gem install auth-ac-latest.gem


### Demo ###

To see AuthAC in action with example code, follow the above Installation
directions, and then:

1. Create an "authac" database user.  For Postgresql: createuser authac
2. Create an "authac" database owned by "authac".  For Postgresql:
   createdb -O authac authac
3. Run tables.sql on the authac database to create the demo schema.
   For Postgresql: cat tables.sql | psql -U authac authac
4. Run sample-data.sql on the authac database.
   For Postgresql: cat sample-data.sql | psql -U authac authac
5. cd example
6. ruby start.rb
7. Browse to http://localhost:7000 .


### Usage ###

#### Setup ####

In your Ramaze application:

  require 'auth-ac'

Before Ramaze.start:

  AuthAC.options(
    {
      :db => {
        :vendor => 'Pg',
        :user => 'authac',
        :password => 'authac',
        :host => nil,
        :database => 'authac',
      },
      # or more options
      # see source code or example start.rb
    }
  )

In each controller that will use AuthAC:
  
  include AuthAC
  
#### Authentication ####

Register a new user with:

  hash = {
    :username => some_username,
    :password => some_plaintext_password,
    # Optionally:
    :another_user_field => 'foo',
  }
  register( hash )
  
Log a user in with:

  login( username, password )

Check if a user is logged in with:

  if logged_in?

Logout the currently logged in user (if any) with:

  logout

#### Access Control ####

Use these commands at the top of your action methods where you need access control.

For actions that require being logged in (regardless of user group or flags):

  login_required

For actions that require special access flags:

  requires_flag 'some-access-flag'
  # or
  requires_flags 'some-access-flag', 'another flag'

require_flag, require_flags, requires_flag and requires_flags are all synonymous.


### Customization ###

Use the example as a base to create your own custom templates and controllers.
The controller examples show how to use the helper methods to do authentication
and access control.  They also demonstrate how to wrap the basic authentication
methods with your own to do more complicated processing over and above the
base methods.

By default, access denial shows '/access/denied'.  Override the deny_access method
to change this behaviour.

Use sql/tables.sql as a base for the minimum schema.  The users.realname field is
an example of metadata.  It does not have bearing on either authentication or
access control.  Add any additional metadata to the users table as per your
needs.

To use Sequel as your ORM, in auth-ac/lib/auth-ac.rb, change:

  load __DIR__/'model'

to
      
  load __DIR__/'model-sequel'
Something went wrong with that request. Please try again.