I’m please to announce, after 4 weeks of development, that I’ve just
released the first version of sorcery gem:
sorcery is an authentication gem plugin for Rails 3 inspired by
Authlogic, Devise and restful-authentication. You can see how it is used
with an example application here:
This gem plugin was started because:
- I wanted to write something 100% TDD from start to finish.
- I wanted to learn how to write an engine for Rails 3.
In addition to the above I had some plugin goals:
- Simple config
- Keep MVC.
- Magic yes, Voodoo no.
- No generated code.
- No built-in controllers, models, mailers, migrations or templates;
Real apps will need all of these custom made anyway.
Hopefully, I’ve achieved this. If not, let me know.
== Current Features:
- Basic Login/Logout.
- Password encryption with configurable algorithm.
- User activation by email with optional success email.
- Reset password with email verification.
- Remember me with configurable expiration.
- Configurable session timeout.
- Brute force login hammering protection.
- Modular design, load only the modules you need.
- 100% TDD’d code, 100% test coverage (100+ specs).
== Where from here:
fix bugs when found.
improve existing features.
add new features.
I’ve got many plans which include:
- Basic HTTP Authentication
- Auto login
- Other reset password strategies (security questions?)
- Sinatra support
- Mongoid support
- OmniAuth integration
- Activity logging
- Have an idea? Let me know, and it might get into the gem!
That’s it for now,
Hope you will try it and let me know what you think.