Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Standalone Padrino authentication solution #468

Open
achiu opened this Issue · 24 comments
@achiu
Owner

padrino-admin has a pretty good start on this. I think it be good if we can extract that out into its own(like merb-auth) so users can swap the authentication in an out. Maybe we could have it be like Devise for Padrino/Sinatra ?

@railsjedi

sounds great. I think this would be awesome. I'll see if I can extract something similar to devise thats based on warden.

@nesquena
Owner

Really excited about this idea. I would love a Devise type solution (but in the sinatra style). padrino-warden is a good start but I could see something warden based but being modular and potentially more full featured.

@pepe

That would be cool!

@wayneeseguin

Most excellent and definitely needed. Being new to Padrino that was one of the first items I was looking for.
Warden integration by default would be best.

@rbq
rbq commented

+1

I don't really need an authentication solution but imho the admin app would become more useful if you could create it without any auth stuff included.

@achiu achiu was assigned
@DAddYE
Owner

Mmm this is pretty difficult because auth stuff is managed by:

1) account.rb # that fits each orm
2) sessions.rb # that handle Account.authenticate

So if you want to replace builtin auth the only thing to do in (99% of cases) is change only:

# account.rb
def self.authenticate
  my_own_auth
end
@rakaur

Shouldn't we take #384 into account, or has this gaping insecurity been addressed?

@myabc

+1

@snowyu

What's about using the padrino-warden and porting the devise for rails to padrino?

@postmodern

This should be similar or built on-top of padrino-warden. In my app I would like to specify the User model, login/logout paths, and authentication param names.

@dariocravero
Collaborator

:+1: Similar: #132 #428. @lenzcom sinatra-authentication looks nice but it mixes authentication with authorisation and those should preferably be separated.

@DAddYE
Owner

What about if next version will come with a simple http basic auth and a couple of api to unplug it and add devise or sinatra-auth ?

@postmodern

I would support sinatra-warden. sinatra-authentication does not use warden, so I don't trust it too much. Didn't Devise go Rails only?

@dariocravero
Collaborator

@DAddYE what you're proposing makes sense since it would simplify the offering and allow for better reusability. Even more, with a clear interface adding new solutions or integrating existing ones would be way easier. If it gains too much relevance we could even add them as part of the generator or put them on the plugins.

@postmodern yes, Devise is tied with Rails. Why not choosing padrino-warden instead (it's already based on sinatra-warden) and help making it better if it needs to?

@viacoffee

I think an authentication API like @DAddYE said would make sense. That way people can plug & play whatever authentication library they want. Essentially it would just be hooks that other auth libraries could use?

@ainformatico

The API sounds great, but using padrino admin auth too. I', thinking a way where they both can live together. The new awesome API can use by default the padrino admin auth, I think that means moving the admin auth templates outside the admin app, what do you think?

@postmodern

@dariocravero Oops, turns out one of my padrino projects is already using padrino-warden with dm-is-authenticatable.

@nesquena
Owner

I've used padrino-warden without issue several times and it works really well as a basic solution. Seems like that + dm-is-authenticatable is a great combination.

@achiu
Owner

padrino-warden is what I used and what inspired me to open this issue. The difference is that instead of using the gem I duplicated the code into my app so I can make more in-depth changes. This gives me control over the paths, parameters expected, and models that are associated with authentication.
What I end up doing too is breaking out the authentication into its own 'subapp' with my other apps referencing that when authentication is needed. This felt like a nice way to make it a more 'drop-in' authentication solution that padrino can generate for you.

@ghost

@dariocravero: yes, you're right. that must be a flexible aspect of such a system..

@ujifgc ujifgc was assigned
@ujifgc ujifgc removed their assignment
@ujifgc ujifgc modified the milestone: 1.0.0, 0.12.1
@nesquena nesquena modified the milestone: 1.0.0, 0.13.0
@nesquena
Owner

@ujifgc I know you put some effort behind this here https://github.com/ujifgc/padrino-auth just wanted record for later review in this issue. I don't think we should release a 1.0 without completing a reasonable authentication solution and this looks like a good start.

@dariocravero
Collaborator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.