geekee edited this page May 22, 2012 · 30 revisions

Welcome to the Sorcery wiki!

This wiki is a work in progress, and constantly improving.


Known incompatibilities


Sorcery is a stripped-down, bare-bones authentication library, with which you can write your own authentication flow. It was built with a few goals in mind:

  • Less is more - less than 20 public methods to remember for the entire feature-set make the library easy to 'get'.
  • No built-in or generated code - use the library's methods inside your own MVC structures, and don't fight to fix someone else's.
  • Magic yes, Voodoo no - the lib should be easy to hack for most developers.
  • Configuration over Confusion - Simple & short configuration as possible, not drowning in syntactic sugar.
  • Keep MVC cleanly separated - DB is for models, sessions are for controllers. Models stay unaware of sessions.

Hopefully, I've achieved this. If not, let me know.

You can see how controllers, models, migrations and views can be used in Rails 3 with Sorcery by checking out this example application.

There is also a mongoid branch at the same URL, showing how you can use Mongoid as your ORM.

Rails 3 Tutorials:

Simple Password Authentication | Remember Me | Session Timeout

User Activation | HTTP Basic Auth | Reset Password

Activity Logging | Brute Force Protection | External

Testing Tutorials:

Testing Rails 3

Developer Tutorials:

Running the specs | Under the hood - overall design

Sinatra Tutorials (Legacy - not supported anymore):

Basic Sinatra Usage | Testing Sinatra