Skip to content

Guest accounts for Rodauth authentication framework

License

Notifications You must be signed in to change notification settings

janko/rodauth-guest

Repository files navigation

rodauth-guest

Provides guest user functionality for Rodauth.

Installation

Add the gem to your project:

$ bundle add rodauth-guest

Usage

Start by enabling the guest feature in your Rodauth configuration:

plugin :rodauth do
  enable :guest
end

The feature provides the ability to automatically create and log in anonymous accounts when no account is not logged in. You just need to choose for which routes you want to allow guest users:

route do |r|
  r.rodauth # route rodauth requests

  if r.path.start_with?("/dashboard")
    rodauth.allow_guest # automatically creates a guest account
  end
end

The guest account will be logged in the same way normal accounts are, so logged_in? & authenticated? will return true, and session_value will return the guest account ID.

If you want to check whether the logged in account is a guest account:

if rodauth.guest_logged_in?
  # ...
end

Guest creation

Guest accounts are unverified by default, and have a random email address in the form of guest_<RANDOM_STRING>@example.com.

rodauth.account_from_session
rodauth.account #=> { id: 1, status_id: 1, email: "guest_32978759-77bc-4293-ab8f-f1b96b9f178b@example.com" }

You can set additional column data on guest account creation:

# in a schema migration:
add_column :accounts, :guest, :boolean, default: true
before_create_guest do
  account[:guest] = true
end

To override new email generation:

new_guest_login { "guest_#{SecureRandom.hex}@example.com" }

Or just the unique suffix:

guest_unique_suffix { SecureRandom.hex }

Guest deletion

The logged in guest account is automatically deleted when a new account is created. You can use a before hook to transfer any data from the guest account into the new user:

before_delete_guest do
  # session_value - guest account ID
  # account_id - new account ID
  db[:articles].where(account_id: session_value).update(account_id: account_id)
end

You can also skip deletion of the guest record on account creation (by default it's skipped when create_account_autologin? is false):

delete_guest_on_create? false

Development

Run tests with Rake:

$ bundle exec rake test

License

The gem is available as open source under the terms of the MIT License.

Code of Conduct

Everyone interacting in the rodauth-guest project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.

Thanks

This gem was inspired by devise-guests.

About

Guest accounts for Rodauth authentication framework

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages