Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Rails 2.3 engine based on the Authlogic gem to provide an instant authentication solution on a new or existing site.
branch: master

This branch is 14 commits ahead, 66 commits behind angantyr:master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
app
config
db/migrate
features
lib
public
spec
tasks
test
.gitignore
MIT-LICENSE
README.rdoc
Rakefile
init.rb
install.rb
uninstall.rb

README.rdoc

AuthenticationEngine

This engine will give you an instant authentication system for a new site, including support for user registration, openID authentication, and password resets via email. You will be able to customize look and feel, but it works right out of the box. Even with a completely empty app. ;-)

This Rails 2.3 engine is using the excellent Authlogic gem (github.com/binarylogic/authlogic/tree/master) from Ben Johnson at BinaryLogic, and is based on the sample application for that gem.

Requirements

  1. You need Rails 2.3! This engine is not based on the rails-engines plugin.

  2. You need the Authlogic gem, but it will prompt for the gem if it's missing

  3. The OpenID Authentication plugin. Yes, I built in OpenID support by default.

  4. The authlogic_oid gem.

Installation

$ script/plugin install git://github.com/angantyr/authentication_engine.git

$ script/plugin install git://github.com/rails/open_id_authentication.git

$ script/plugin install git://github.com/iain/i18n_label.git

$ rake authentication_engine:sync

$ rake db:migrate

the authentication_engine:sync rake task does the following, so use it with care on an existing site:

  1. moves the migration files over to db/migrate

  2. moves an authentication_config.yml file and it's initializer into config

  3. moves a mailer template over. rails doesn't seem to pick up mailer templates inside engines

Configuration

A couple of simple steps to get up and running:

In your application_controller.rb, you need to include authentication_system, like so:

class ApplicationController < ActionController::Base
  include AuthenticationEngine
  include LocalizedSystem

  helper :all # include all helpers, all the time
  protect_from_forgery # See ActionController::RequestForgeryProtection for details
end

If you are starting with a completely empty rails site, add a site root like this:

map.root :controller => "home", :action => "index"

and remove index.html in public folder,

and then for every controller you want to protect, simply add:

class WidgetsController < ApplicationController
  before_filter :require_user
	...
end

or use a combination of user requirements on a per action level:

before_filter :require_no_user, :only => [:new, :create] before_filter :require_user, :only => :destroy

In your application layout include the javascript defaults if you are not already:

<%= javascript_include_tag :defaults %>

(This is only used for for switching between standard and openid login forms.)

In your layouts and views you can also call the login status bar:

<%= render :partial => 'shared/user_status' %>

Testing

Just remember to add this line to your routes.rb:

map.root :controller => "home", :action => "index"

First, you need to install the basic gems:

$ gem install rspec-rails
$ gem install cucumber
$ gem install webrat
$ gem install bmabey-email_spec -s http://gems.github.com
$ script/generate rspec
$ script/generate cucumber
$ script/generate email_spec

Then you can test the features of authentication_engine via rake command:

$ rake authentication_engine:features

Or test it manually:

$ rake db:test:prepare
$ cucumber vendor/plugins/authentication_engine/features

To-Do List

Build out admin interfaces, which will expose full data on the included models. This step will also require some kind of authorization scheme. I'm currently planning on using the authorization plugin. Any thoughts on that are welcome. Perhaps that gets rolled into a separate authorization_engine ?

Wish List

  • OpenID-based User creation: I would love for the user creation to use the OpenID functionality to the fullest.

Credits

On this one, all credit goes to Ben Johnson at BinaryLogic for providing a fresh start on authentication systems for Rails: github.com/binarylogic/authlogic/tree/master

Enjoy!

Copyright © 2009 Mans Angantyr, released under the MIT license

Something went wrong with that request. Please try again.