As found in the Book of Rails, Chapter 13, Verse 26-28:
“26. In The Beginning there was the LoginGenerator, whom didst spawn
many working Rails applications. But the peoples of Railtopia were
unsettled after a time. And, lo, LoginGenerator did eventually beget
SaltedHashLoginGenerator, which included better salting and
localization, and email verification, singing like heralds upon high.
27. And the children of SaltedHashLoginGenerator where fruitful, and
partied like it was 1999. Except it was 2005.
28. Then, some weirdo developed Rails engines, and was particularly
lazy in the eyes of the Lord, totally ripping off
SaltedHashLoginGenerator as an example of his wicked way…”
In a nutshell, there’s the original LoginGenerator, on which lots of
authentication systems are based. One of these is the
SaltedHashLoginGenerator, which adds a few features including
localization and email verification. I believe Deirdre SM has stepped
in to maintain this - she’ll know better where it’s future lies.
The LoginEngine is an example of a development technique
(http://rails-engines.org) which is heavily based on the SHLG.
Feature-wise they are pretty much identical, although email is now
optional, and the localization was totally removed. It continues to be
developed and refined, and is very much open to public scrutiny and
Your choice between using a generator and using an engine (any engine,
the LoginEngine isn’t the only possible authentication system possible
using engines) should be based on how you evaluate the merits of
either mechanism for sharing/reusing code. My personal view/propaganda
is here: http://rails-engines.org/wiki/pages/Engines+vs.+Generators
Whichever you choose, be prepared to get intimate with the code -
there’s no excuse for not working to understand how this code is going
to function within your application! Good luck