Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 8f28940a80
Fetching contributors…

Cannot retrieve contributors at this time

111 lines (100 sloc) 5.705 kb
9/05/08: Alpha release
Full featured restful authentication starter app from http://railsforum.com/viewtopic.php?id=14216 combining role requirement, open id authentication, recaptcha, ui, debugging, and security plugins. This is a preliminary release and has not been tested or audited.
A more in depth tutorial is located at http://railsforum.com/viewtopic.php?id=14216.
SET UP
- git clone git://github.com/activefx/restful_authentication_tutorial.git
- git submodule init
- git submodule update
- Set up database.yml file
- Set up config.yml file
- Change the login and password for the admin user in the _set_up_first_admin_user.rb migration
- Change contact_site method in application.rb to redirect to your site's contact form or info
- rake db:create:all or db:create
- rake db:migrate
CURRENT FEATURES
- Namespaced admin and user sections
- Login / Logout
- OpenID Authentication with support for incomplete OpenID profiles
- Roles and permissions
- Administrative user controller
- Set roles, activate, enable / disable users
- Member list and public profiles for logged in users
- Activation, with option to resend activation code
- Forgot Password / Reset Password
- Change Password
- Helper methods (link_to_user, if_admin?, etc.)
- Configuration file
- Authentication Plugins
- restful_authentication, open_id_authentication, role_requirement, recaptcha
- UI Plugins
- custom-err-msg, permalink_fu, uberkit, will_paginate
- Debug Plugins
- exception_logger, rails-footnotes, query_analyzer, query_stats, rows_logger
- Testing
- rspec, rspec_rails
KNOWN ISSUES
- View and Layout notes for the rails-footnotes plugin do not work due to changes to ActionView::Base
- SessionsController#create returns ActionController::InvalidAuthenticityToken unless protect_from_forgery is skipped for the create action. This may just be an issue on my end from fooling with the cookies, secret, and session key.
- OpenID plugin returns unknown method relative_url_root even though its defined in ActionController::AbstractRequest. Created an initializer to temporarily fix the problem.
- Roles controller needs to be redesigned. Currently mass assigns user (shouldn't be a problem because only admins can access the controller) and can return the wrong flash message if the role association is updated but user validations still fail.
- Not sure if the exception_logger is working properly. If someone can test and let me know if it works or what the problem is it would be greatly appreciated.
TODO
- Fix known issues
- Full rSpec test suite
- Integrate optional recaptcha helpers
- Track failed login attempts and display recaptcha
- Better access and permission denied redirects
- Make the ActivationsController "activate" action restful
- Beta invitations
- Integrate user interface plugins / dry form builders
- Move query stats and rows logger to footnotes plugin
- Add css / open source design template (that does not require attribution)
- Refactoring, google authentication, oauth, api metering
PLUGINS
Custom-err-msg by David Easley is released under the MIT License
- http://rubyforge.org/projects/custom-err-msg/
Exception_logger by Chris Wanstrath is believed to be released under the MIT License
- http://github.com/defunkt/exception_logger/tree/master
Rails-footnotes by Jose Valim and Duane Johnson is released under the MIT License
- http://github.com/drnic/rails-footnotes/tree/master
- http://github.com/activefx/rails-footnotes/tree/master (modified for restful_authentication_tutorial)
Open_id_authentication by David Heinemeier Hansson is released under the MIT License
- http://github.com/rails/open_id_authentication/tree/master
Permalink_fu by Rick Olson is released under the MIT License
- http://github.com/technoweenie/permalink_fu/tree/master
Query_analyzer by Bob Silva is released under the MIT License
- http://svn.nfectio.us/plugins/query_analyzer
Query_stats by Dan Manges is released under the MIT License
- http://github.com/dan-manges/query_stats/tree/master
Recaptcha (plugin) by Jason L. Perry is released under the MIT License
- http://github.com/ambethia/recaptcha/tree/master
Restful_authentication by Rick Olson is released under the MIT License
- http://github.com/technoweenie/restful-authentication/tree/master
Role_requirement by Timothy Curtis Harper and Jonathan Barket is released under the MIT License
- http://github.com/timcharper/role_requirement/tree/master
Rows_logger by Maiha does not list a license
- http://wota.jp/svn/rails/plugins/branches/stable/rows_logger/
Rspec and Rspec_rails by The RSpec Development Team is released under the MIT License
- http://github.com/dchelimsky/rspec/tree/master
- http://github.com/dchelimsky/rspec-rails/tree/master
Uberkit by Michael Bleigh and Intridea, Inc. is released under the MIT License
- http://github.com/mbleigh/uberkit/tree/master
Will_paginate by PJ Hyett and Mislav Marohnic is released under the MIT License
- http://github.com/mislav/will_paginate/tree/master
RESOURCES
Roles / Role Requirement:
- http://scottmotte.com/archives/106
- http://pastie.org/226807
Flash Messages:
- http://rubypond.com/articles/2008/07/11/useful-flash-messages-in-rails/
Exception Logger:
- http://railscasts.com/episodes/104
Beta Invitations:
- http://railscasts.com/episodes/124-beta-invitations
Configuration File:
- http://railscasts.com/episodes/85-yaml-configuration-file
- https://peepcode.com/products/draft-rails-code-review-pdf
Additiona Resources:
- http://delicious.com/activefx/restful_authentication
- http://delicious.com/activefx/openid
Copyright (c) 2008 Matthew Solt, released under the MIT license
Jump to Line
Something went wrong with that request. Please try again.