Skip to content
This repository
Newer
Older
100644 249 lines (177 sloc) 18.935 kb
43e849c6 » yourewelcome
2008-11-03 Released v0.10.4
1 = Authlogic
1b98335c » yourewelcome
2008-10-24 Initial commit
2
d93590b7 » yourewelcome
2012-06-01 update readme for rails 3
3 ** Please note the latest version is compatible with rails 3 only. Please see the rails2 branch for Rails 2 compatibility.
29846f55 » yourewelcome
2011-05-04 update readme
4
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
5 Authlogic is a clean, simple, and unobtrusive ruby authentication solution.
1b98335c » yourewelcome
2008-10-24 Initial commit
6
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
7 A code example can replace a thousand words...
8
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
9 Authlogic introduces a new type of model. You can have as many as you want, and name them whatever you want, just like your other models. In this example, we want to authenticate with the User model, which is inferred by the name:
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
10
11 class UserSession < Authlogic::Session::Base
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
12 # specify configuration here, such as:
13 # logout_on_timeout true
14 # ...many more options in the documentation
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
15 end
16
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
17 Log in with any of the following. Create a UserSessionsController and use it just like your other models:
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
18
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
19 UserSession.create(:login => "bjohnson", :password => "my password", :remember_me => true)
20 session = UserSession.new(:login => "bjohnson", :password => "my password", :remember_me => true); session.save
21 UserSession.create(:openid_identifier => "identifier", :remember_me => true) # requires the authlogic-oid "add on" gem
22 UserSession.create(my_user_object, true) # skip authentication and log the user in directly, the true means "remember me"
23
24 The above handles the entire authentication process for you. It first authenticates, then it sets up the proper session values and cookies to persist the session. Just like you would if you rolled your own authentication solution.
25
26 You can also log out / destroy the session:
27
28 session.destroy
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
29
8c8e079e » yourewelcome
2009-04-25 Release v2.0.11
30 After a session has been created, you can persist it across requests. Thus keeping the user logged in:
1b98335c » yourewelcome
2008-10-24 Initial commit
31
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
32 session = UserSession.find
af4f7e06 » yourewelcome
2009-01-01 Documentation fix for using AES as an encryption method.
33
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
34 To get all of the nice authentication functionality in your model just do this:
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
35
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
36 class User < ActiveRecord::Base
37 acts_as_authentic do |c|
38 c.my_config_option = my_value
39 end # the configuration block is optional
40 end
9bca67d7 » yourewelcome
2008-11-09 Reorganized ORM code and tests
41
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
42 This handles validations, etc. It is also "smart" in the sense that it if a login field is present it will use that to authenticate, if not it will look for an email field, etc. This is all configurable, but for 99% of cases that above is all you will need to do.
43
44 Also, sessions are automatically maintained. You can switch this on and off with configuration, but the following will automatically log a user in after a successful registration:
c5e610ac » yourewelcome
2009-04-29 * Extracted Authlogics regular expressions into its own module to all…
45
46 User.create(params[:user])
47
48 This also updates the session when the user changes his/her password.
49
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
50 Authlogic is very flexible, it has a strong public API and a plethora of hooks to allow you to modify behavior and extend it. Check out the helpful links below to dig deeper.
51
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
52 == Helpful links
53
e44e1e35 » yourewelcome
2009-06-27 Add gemspec for github
54 * <b>Documentation:</b> http://rdoc.info/projects/binarylogic/authlogic
f638b12b » yourewelcome
2009-04-28 * Added the ability to add a last_request_update_allowed? method in y…
55 * <b>Repository:</b> http://github.com/binarylogic/authlogic/tree/master
261e8ad4 » yourewelcome
2009-05-04 Cleanup how generalize_credentials_error_messages is implemented
56 * <b>Railscasts Screencast:</b> http://railscasts.com/episodes/160-authlogic
f638b12b » yourewelcome
2009-04-28 * Added the ability to add a last_request_update_allowed? method in y…
57 * <b>Live example with OpenID "add on":</b> http://authlogicexample.binarylogic.com
58 * <b>Live example repository with tutorial in README:</b> http://github.com/binarylogic/authlogic_example/tree/master
59 * <b>Tutorial: Reset passwords with Authlogic the RESTful way:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
4eaf68e8 » yourewelcome
2009-08-07 Update issue link, moved from lighthouse to github
60 * <b>Issues:</b> http://github.com/binarylogic/authlogic/issues
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
61 * <b>Google group:</b> http://groups.google.com/group/authlogic
62
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
63 <b>Before contacting me directly, please read:</b>
51f7b28b » yourewelcome
2009-04-09 * Reset the @password_changed instance variable after the record has …
64
4eaf68e8 » yourewelcome
2009-08-07 Update issue link, moved from lighthouse to github
65 If you find a bug or a problem please post it in the issues section. If you need help with something, please use google groups. I check both regularly and get emails when anything happens, so that is the best place to get help. This also benefits other people in the future with the same questions / problems. Thank you.
ee1f49b2 » yourewelcome
2009-04-05 * Use MockCookieJar in tests instead of a Hash.
66
5c0ac4ff » yourewelcome
2009-04-08 * Make password and login fields optional. This allows you to have an…
67 == Authlogic "add ons"
ee1f49b2 » yourewelcome
2009-04-05 * Use MockCookieJar in tests instead of a Hash.
68
f638b12b » yourewelcome
2009-04-28 * Added the ability to add a last_request_update_allowed? method in y…
69 * <b>Authlogic OpenID addon:</b> http://github.com/binarylogic/authlogic_openid
70 * <b>Authlogic LDAP addon:</b> http://github.com/binarylogic/authlogic_ldap
bcb0d4af » yourewelcome
2009-06-10 * Stop using errors.on(key) since that is now deprecated in Rails. Us…
71 * <b>Authlogic Facebook Connect:</b> http://github.com/kalasjocke/authlogic_facebook_connect
5f58f395 » trobrock
2011-01-30 Adding a link to a fork of the authlogic for facebook that supports t…
72 * <b>Authlogic Facebook Connect (New JS API):</b> http://github.com/studybyte/authlogic_facebook_connect
ed7d8016 » james2m
2011-05-01 Added reference to authlogic_facebook_shim in README.rdoc.
73 * <b>Authlogic Facebook Shim</b> http://github.com/james2m/authlogic_facebook_shim
639a0355 » jrallison
2009-06-28 Signed-off-by: Ben Johnson <bjohnson@binarylogic.com>
74 * <b>Authlogic OAuth (Twitter):</b> http://github.com/jrallison/authlogic_oauth
d59cabc1 » kimptoc
2011-05-04 add link to viatropos authlogic-connect extension - for oauth/openid
75 * <b>Authlogic Oauth and OpenID:</b> http://github.com/viatropos/authlogic-connect
36ad8557 » nbudin
2009-10-20 Added nbudin's authlogic_pam addon to the list
76 * <b>Authlogic PAM:</b> http://github.com/nbudin/authlogic_pam
1ab2386c » ctria
2011-05-17 Added authlogic_x509 plugin to the "Add ons" list
77 * <b>Authlogic x509:</b> http://github.com/auth-scc/authlogic_x509
ee1f49b2 » yourewelcome
2009-04-05 * Use MockCookieJar in tests instead of a Hash.
78
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
79 If you create one of your own, please let me know about it so I can add it to this list. Or just fork the project, add your link, and send me a pull request.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
80
f638b12b » yourewelcome
2009-04-28 * Added the ability to add a last_request_update_allowed? method in y…
81 == Session bugs (please read if you are having issues with logging in / out)
82
83 Apparently there is a bug with apache / passenger for v2.1.X with sessions not working properly. This is most likely your problem if you are having trouble logging in / out. This is *not* an Authlogic issue. This can be solved by updating passener or using an alternative session store solution, such as active record store.
84
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
85 == Documentation explanation
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
86
60e54452 » jjb
2009-12-27 Correct URL to documentation.
87 You can find anything you want about Authlogic in the {documentation}[http://rdoc.info/projects/binarylogic/authlogic], all that you need to do is understand the basic design behind it.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
88
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
89 That being said, there are 2 models involved during authentication. Your Authlogic model and your ActiveRecord model:
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
90
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
91 1. <b>Authlogic::Session</b>, your session models that extend Authlogic::Session::Base.
92 2. <b>Authlogic::ActsAsAuthentic</b>, which adds in functionality to your ActiveRecord model when you call acts_as_authentic.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
93
0823cc7d » yourewelcome
2009-04-21 Releast v2.0.10
94 Each of the above has its various sub modules that contain common logic. The sub modules are responsible for including *everything* related to it: configuration, class methods, instance methods, etc.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
95
60e54452 » jjb
2009-12-27 Correct URL to documentation.
96 For example, if you want to timeout users after a certain period of inactivity, you would look in <b>Authlogic::Session::Timeout</b>. To help you out, I listed the following publicly relevant modules with short descriptions. For the sake of brevity, there are more modules than listed here, the ones not listed are more for internal use, but you can easily read up on them in the {documentation}[http://rdoc.info/projects/binarylogic/authlogic].
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
97
c355cdd2 » yourewelcome
2009-03-22 Some documentation clean up
98 === Authlogic::ActsAsAuthentic sub modules
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
99
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
100 These modules are for the ActiveRecord side of things, the models that call acts_as_authentic.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
101
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
102 * <b>Authlogic::ActsAsAuthentic::Base</b> - Provides the acts_as_authentic class method and includes all of the submodules.
103 * <b>Authlogic::ActsAsAuthentic::Email</b> - Handles everything related to the email field.
104 * <b>Authlogic::ActsAsAuthentic::LoggedInStatus</b> - Provides handy named scopes and methods for determining if the user is logged in or out.
105 * <b>Authlogic::ActsAsAuthentic::Login</b> - Handles everything related to the login field.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
106 * <b>Authlogic::ActsAsAuthentic::MagicColumns</b> - Handles everything related to the "magic" fields: login_count, failed_login_count, last_request_at, etc.
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
107 * <b>Authlogic::ActsAsAuthentic::Password</b> - This one is important. It handles encrypting your password, salting it, etc. It also has support for transitioning password algorithms.
108 * <b>Authlogic::ActsAsAuthentic::PerishableToken</b> - Handles maintaining the perishable token field, also provides a class level method for finding record using the token.
109 * <b>Authlogic::ActsAsAuthentic::PersistenceToken</b> - Handles maintaining the persistence token. This is the token stored in cookies and sessions to persist the users session.
110 * <b>Authlogic::ActsAsAuthentic::RestfulAuthentication</b> - Provides configuration options to easily migrate from the restful_authentication plugin.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
111 * <b>Authlogic::ActsAsAuthentic::SessionMaintenance</b> - Handles automatic session maintenance. EX: a new user registers, automatically log them in. Or a user changes their password, update their session.
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
112 * <b>Authlogic::ActsAsAuthentic::SingleAccessToken</b> - Handles maintaining the single access token.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
113 * <b>Authlogic::ActsAsAuthentic::ValidationsScope</b> - Allows you to scope all validations, etc. Just like the :scope option for validates_uniqueness_of
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
114
c355cdd2 » yourewelcome
2009-03-22 Some documentation clean up
115 === Authlogic::Session sub modules
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
116
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
117 These modules are for the models that extend Authlogic::Session::Base.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
118
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
119 * <b>Authlogic::Session::BruteForceProtection</b> - Disables accounts after a certain number of consecutive failed logins attempted.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
120 * <b>Authlogic::Session::Callbacks</b> - Your tools to extend, change, or add onto Authlogic. Lets you hook in and do just about anything you want. Start here if you want to write a plugin or add-on for Authlogic
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
121 * <b>Authlogic::Session::Cookies</b> - Authentication via cookies.
122 * <b>Authlogic::Session::Existence</b> - Creating, saving, and destroying objects.
123 * <b>Authlogic::Session::HttpAuth</b> - Authentication via basic HTTP authentication.
124 * <b>Authlogic::Session::Id</b> - Allows sessions to be separated by an id, letting you have multiple sessions for a single user.
125 * <b>Authlogic::Session::MagicColumns</b> - Maintains "magic" database columns, similar to created_at and updated_at for ActiveRecord.
126 * <b>Authlogic::Session::MagicStates</b> - Automatically validates based on the records states: active?, approved?, and confirmed?. If those methods exist for the record.
127 * <b>Authlogic::Session::Params</b> - Authentication via params, aka single access token.
128 * <b>Authlogic::Session::Password</b> - Authentication via a traditional username and password.
129 * <b>Authlogic::Session::Persistence</b> - Persisting sessions / finding sessions.
130 * <b>Authlogic::Session::Session</b> - Authentication via the session, the controller session that is.
131 * <b>Authlogic::Session::Timeout</b> - Automatically logging out after a certain period of inactivity.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
132 * <b>Authlogic::Session::UnauthorizedRecord</b> - Handles authentication by passing an ActiveRecord object directly.
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
133 * <b>Authlogic::Session::Validation</b> - Validation / errors.
21554776 » yourewelcome
2008-10-28 Updated readme
134
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
135 === Miscellaneous modules
43e849c6 » yourewelcome
2008-11-03 Released v0.10.4
136
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
137 Miscellaneous modules that shared across the authentication process and are more "utility" modules and classes.
78f5befa » yourewelcome
2009-03-23 Restructure configuration for acts_as_authentic
138
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
139 * <b>Authlogic::AuthenticatesMany</b> - Responsible for allowing you to scope sessions to a parent record. Similar to a has_many and belongs_to relationship. This lets you do the same thing with sessions.
140 * <b>Authlogic::CryptoProviders</b> - Contains various encryption algorithms that Authlogic uses, allowing you to choose your encryption method.
141 * <b>Authlogic::I18n</b> - Acts JUST LIKE the rails I18n library, and provides internationalization to Authlogic.
142 * <b>Authlogic::Random</b> - A simple class to generate random tokens.
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
143 * <b>Authlogic::Regex</b> - Contains regular expressions used in Authlogic. Such as those to validate the format of the log or email.
d1bf2d1a » yourewelcome
2009-04-21 Fix some RDOC syntax mistakes
144 * <b>Authlogic::TestCase</b> - Various helper methods for testing frameworks to help you test your code.
145 * <b>Authlogic::Version</b> - A handy class for determine the version of Authlogic in a number of ways.
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
146
0823cc7d » yourewelcome
2009-04-21 Releast v2.0.10
147 == Quick Rails example
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
148
149 What if creating sessions worked like an ORM library on the surface...
e77ca8a3 » yourewelcome
2008-10-25 Updated readme
150
4b1f8faf » yourewelcome
2008-10-28 User column_names instead of colums when determining if a column exists
151 UserSession.create(params[:user_session])
e77ca8a3 » yourewelcome
2008-10-25 Updated readme
152
34b225cf » yourewelcome
2008-10-25 Updated readme
153 What if your user sessions controller could look just like your other controllers...
1b98335c » yourewelcome
2008-10-24 Initial commit
154
155 class UserSessionsController < ApplicationController
156 def new
157 @user_session = UserSession.new
158 end
29846f55 » yourewelcome
2011-05-04 update readme
159
1b98335c » yourewelcome
2008-10-24 Initial commit
160 def create
161 @user_session = UserSession.new(params[:user_session])
35f14baf » yourewelcome
2008-10-27 Released v0.10.0
162 if @user_session.save
c93bec2d » yourewelcome
2008-10-24 Changed scope to id
163 redirect_to account_url
1b98335c » yourewelcome
2008-10-24 Initial commit
164 else
165 render :action => :new
166 end
167 end
29846f55 » yourewelcome
2011-05-04 update readme
168
1b98335c » yourewelcome
2008-10-24 Initial commit
169 def destroy
ebdebfa9 » yourewelcome
2008-11-13 Released v1.1.1
170 current_user_session.destroy
4caccd0b » yourewelcome
2008-11-19 Released 1.2.1
171 redirect_to new_user_session_url
1b98335c » yourewelcome
2008-10-24 Initial commit
172 end
173 end
174
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
175 As you can see, this fits nicely into the RESTful development pattern. What about the view...
1b98335c » yourewelcome
2008-10-24 Initial commit
176
9867c497 » mindbreaker
2012-02-22 Change login-view to Rails 3 in readme
177 <%= form_for @user_session do |f| %>
178 <% if @user_session.errors.any? %>
179 <div id="error_explanation">
eba5bebe » mindbreaker
2012-02-22 Change login-view to Rails 3 in readme
180 <h2><%= pluralize(@user_session.errors.count, "error") %> prohibited:</h2>
9867c497 » mindbreaker
2012-02-22 Change login-view to Rails 3 in readme
181 <ul>
182 <% @user_session.errors.full_messages.each do |msg| %>
183 <li><%= msg %></li>
184 <% end %>
185 </ul>
186 </div>
187 <% end %>
1b98335c » yourewelcome
2008-10-24 Initial commit
188 <%= f.label :login %><br />
189 <%= f.text_field :login %><br />
190 <br />
191 <%= f.label :password %><br />
192 <%= f.password_field :password %><br />
193 <br />
194 <%= f.submit "Login" %>
195 <% end %>
196
34b225cf » yourewelcome
2008-10-25 Updated readme
197 Or how about persisting the session...
1b98335c » yourewelcome
2008-10-24 Initial commit
198
199 class ApplicationController
ebdebfa9 » yourewelcome
2008-11-13 Released v1.1.1
200 helper_method :current_user_session, :current_user
29846f55 » yourewelcome
2011-05-04 update readme
201
dbd8b8f5 » yourewelcome
2008-11-16 Release v1.2.0
202 private
ebdebfa9 » yourewelcome
2008-11-13 Released v1.1.1
203 def current_user_session
204 return @current_user_session if defined?(@current_user_session)
205 @current_user_session = UserSession.find
206 end
29846f55 » yourewelcome
2011-05-04 update readme
207
69f2c2b6 » yourewelcome
2009-01-09 Add a logout_on_timeout configuration option for Session::Base
208 def current_user
ebdebfa9 » yourewelcome
2008-11-13 Released v1.1.1
209 return @current_user if defined?(@current_user)
210 @current_user = current_user_session && current_user_session.user
1b98335c » yourewelcome
2008-10-24 Initial commit
211 end
212 end
213
0f38680b » yourewelcome
2009-04-18 Update README and move setup tutorial to authlogic_example
214 == Install & Use
c355cdd2 » yourewelcome
2009-03-22 Some documentation clean up
215
40c0e16d » yourewelcome
2012-06-13 update readme a little
216 Add to your gem file
1b98335c » yourewelcome
2008-10-24 Initial commit
217
40c0e16d » yourewelcome
2012-06-13 update readme a little
218 gem 'authlogic'
1b98335c » yourewelcome
2008-10-24 Initial commit
219
0823cc7d » yourewelcome
2009-04-21 Releast v2.0.10
220 == Detailed Setup Tutorial
35f14baf » yourewelcome
2008-10-27 Released v0.10.0
221
0823cc7d » yourewelcome
2009-04-21 Releast v2.0.10
222 See the {authlogic example}[http://github.com/binarylogic/authlogic_example/tree/master] for a detailed setup tutorial. I did this because not only do you have a tutorial to go by, but you have an example app that uses the same tutorial, so you can play around with with the code. If you have problems you can compare the code to see what you are doing differently.
40267c6c » yourewelcome
2009-04-16 Update README with more thoroughh tutorial, the tutorial on my blog w…
223
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
224 == Testing
225
226 I think one of the best aspects of Authlogic is testing. For one, it cuts out <b>a lot</b> of redundant tests in your applications because Authlogic is already thoroughly tested for you. It doesn't include a bunch of tests into your application, because it comes tested, just like any other library.
227
228 For example, think about ActiveRecord. You don't test the internals of ActiveRecord, because the creators of ActiveRecord have already tested the internals for you. It wouldn't make sense for ActiveRecord to copy it's hundreds of tests into your applications. The same concept applies to Authlogic. You only need to test code you write that is specific to your application, just like everything else in your application.
229
faa063f8 » yourewelcome
2009-08-16 Fix compatibility issue with rails >3.0 wanting the model_name class …
230 That being said, testing your code that uses Authlogic is easy. Since everyone uses different testing suites, I created a helpful module called Authlogic::TestCase, which is basically a set of tools for testing code using Authlogic. I explain testing Authlogic thoroughly in the {Authlogic::TestCase section of the documentation}[http://rdoc.info/rdoc/binarylogic/authlogic/blob/f2f6988d3b97e11770b00b72a7a9733df69ffa5b/Authlogic/TestCase.html]. It should answer any questions you have in regards to testing Authlogic.
d23f64e9 » yourewelcome
2009-04-25 Add some comments on testing Authlogic, with a link to Authlogic::Tes…
231
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
232 == Tell me quickly how Authlogic works
21554776 » yourewelcome
2008-10-28 Updated readme
233
b3657216 » yourewelcome
2009-05-02 Fix typo in mock request
234 Interested in how all of this all works? Think about an ActiveRecord model. A database connection must be established before you can use it. In the case of Authlogic, a controller connection must be established before you can use it. It uses that controller connection to modify cookies, the current session, login with HTTP basic, etc. It connects to the controller through a before filter that is automatically set in your controller which lets Authlogic know about the current controller object. Then Authlogic leverages that to do everything, it's a pretty simple design. Nothing crazy going on, Authlogic is just leveraging the tools your framework provides in the controller object.
21554776 » yourewelcome
2008-10-28 Updated readme
235
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
236 == What sets Authlogic apart and why I created it
21554776 » yourewelcome
2008-10-28 Updated readme
237
8c8e079e » yourewelcome
2009-04-25 Release v2.0.11
238 What inspired me to create Authlogic was the messiness of the current authentication solutions. Put simply, they just didn't feel right, because the logic was not organized properly. As you may know, a common misconception with the MVC design pattern is that the model "M" is only for data access logic, which is wrong. A model is a place for domain logic. This is why the RESTful design pattern and the current authentication solutions don't play nice. Authlogic solves this by placing the session maintenance logic into its own domain (aka "model"). Moving session maintenance into its own domain has its benefits:
ec0eb78e » yourewelcome
2008-10-31 Updated readme
239
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
240 1. <b>It's cleaner.</b> There are no generators in Authlogic. Authlogic provides a class that you can use, it's plain and simple ruby. More importantly, the code in your app is code you write, written the way you want, nice and clean. It's code that should be in your app and is specific to your app, not a redundant authentication pattern.
2af08aba » yourewelcome
2009-04-21 Add a quick model explanation in the README
241 2. <b>Easier to stay up-to-date.</b> To make my point, take a look at the commits to any other authentication solution, then look at the {commits for authlogic}[http://github.com/binarylogic/authlogic/commits/master]. How many commits could you easily start using if you already had an app using that solution? With an alternate solution, very few, if any. All of those cool new features and bug fixes are going to have be manually added or wait for your next application. Which is the main reason a generator is not suitable as an authentication solution. With Authlogic you can start using the latest code with a simple update of a gem. No generators, no mess.
061fac1c » yourewelcome
2009-09-12 Bump to v2.1.2
242 3. <b>It ties everything together on the domain level.</b> Take a new user registration for example, no reason to manually log the user in, authlogic handles this for you via callbacks. The same applies to a user changing their password. Authlogic handles maintaining the session for you.
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
243 4. <b>No redundant tests.</b> Because Authlogic doesn't use generators, #1 also applies to tests. Authlogic is *thoroughly* tested for you. You don't go and test the internals of ActiveRecord in each of your apps do you? So why do the same for Authlogic? Your application tests should be for application specific code. Get rid of the noise and make your tests focused and concise, no reason to copy tests from app to app.
4732d057 » yourewelcome
2009-04-25 Add note about rails cookie store bug for sessions.
244 5. <b>Framework agnostic</b>. Authlogic can be used in *any* ruby framework you want: Rails, Merb, Sinatra, Mack, your own framework, whatever. It's not tied down to Rails. It does this by abstracting itself from these framework's controllers by using a controller adapter. Thanks to {Rack}[http://rack.rubyforge.org/], there is a defined standard for controller structure, and that's what Authlogic's abstract adapter follows. So if your controller follows the rack standards, you don't need to do anything. Any place it deviates from this is solved by a simple adapter for your framework that closes these gaps. For an example, checkout the Authlogic::ControllerAdapters::MerbAdapter.
ec82400e » yourewelcome
2009-04-21 Make the README simpler and more to-the-point
245 5. <b>You are not restricted to a single session.</b> Think about Apple's me.com, where they need you to authenticate a second time before changing your billing information. Why not just create a second session for this? It works just like your initial session. Then your billing controller can require an "ultra secure" session.
72992b9e » reinh
2009-06-07 Fix misplaced apostrophe in README
246 6. <b>Easily extendable.</b> One of the distinct advantages of using a library is the ability to use its API, assuming it has one. Authlogic has an *excellent* public API, meaning it can easily be extended and grow beyond the core library. Checkout the "add ons" list above to see what I mean.
ec0eb78e » yourewelcome
2008-10-31 Updated readme
247
1b98335c » yourewelcome
2008-10-24 Initial commit
248
40c0e16d » yourewelcome
2012-06-13 update readme a little
249 Copyright (c) 2012 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license
Something went wrong with that request. Please try again.