Manage users through a web service

Rails
1

First of all, I’ll apologize because this is going to be more of a
general setup question rather than a specific coding question. I’m
relatively new to Rails and I’ve never built a web service before. So,
here’s my problem:

I’m building 3 new applications that all relate to one another, but can
also be stand-alone. Meaning a user can register with each one
individually. However, one of the requirements is to only have one
login. So once a user registers with any of the 3 applications, they
are then in the system and can use the same username/password they’ve
registered.

Now, it seems to me that this is a perfect situation to have a web
service to manage users. If not, you can stop here and possibly explain
a better solution? (Note: I don’t want to use openID).

Here are the things I would want to do in the web service:

  1. Register a user, saving all information to the webservice (but only
    email and password will be required).
  2. Login a user, returning their user_id to be held in session. This
    would require a call to the webservice to verify that the user exists,
    and if not, prompt them to register.

Those are the absolute minimum requirements. Now, what else should I
have? I want to keep track of last logins and login attempts as well,
so I was thinking about having the following tables: Users, Audits,
Logs. Users is obvious, Audits would keep track of logins and attempts,
Logs would record eroneous errors (or should I use a flat file for
that?).

If you’ve made it this far, and that sounds reasonable, what type of
code needs to be written to connect to the webservice? I’m not
completely sure I know how it works. Would I have a method like
“verify_user(email, pwd)” that would return xml data if the user exists,
and an error code if they don’t?

I’ll stop here for now, and ask more coding-type questions once I figure
out the general idea of how to accomplish this. If someone can explain
the basics of an implementation to have one way to track multiple users
across 3 applications, I’m open to suggestions.

Again, I’m sorry this is kind of general, but I didn’t know which forum
would be most appropriate. Thanks for any help on this matter.

2

Hi~

On Dec 27, 2006, at 5:11 PM, rph wrote:

individually. However, one of the requirements is to only have one

attempts,
I’ll stop here for now, and ask more coding-type questions once I
figure
out the general idea of how to accomplish this. If someone can
explain
the basics of an implementation to have one way to track multiple
users
across 3 applications, I’m open to suggestions.

Again, I’m sorry this is kind of general, but I didn’t know which
forum
would be most appropriate. Thanks for any help on this matter.

While you could do this with a webservice there may exist an easier

solution. If you control all three of these rails apps that need to
work together then you may want to consider letting all 3 apps use
the same database for at least the users table. That is probably the
simplest way to share users between apps.

I'll let someone else chime in about a webservice approach but it

feels like a little bit of over kill to me for just sharing users.

Cheers
– Ezra Z.
– Lead Rails Evangelist
[email protected]
– Engine Y., Serious Rails Hosting
– (866) 518-YARD (9273)

3

Ezra Z. wrote:

Hi~

On Dec 27, 2006, at 5:11 PM, rph wrote:

individually. However, one of the requirements is to only have one

attempts,
I’ll stop here for now, and ask more coding-type questions once I
figure
out the general idea of how to accomplish this. If someone can
explain
the basics of an implementation to have one way to track multiple
users
across 3 applications, I’m open to suggestions.

Again, I’m sorry this is kind of general, but I didn’t know which
forum
would be most appropriate. Thanks for any help on this matter.

While you could do this with a webservice there may exist an easier
solution. If you control all three of these rails apps that need to
work together then you may want to consider letting all 3 apps use
the same database for at least the users table. That is probably the
simplest way to share users between apps.

I’ll let someone else chime in about a webservice approach but it
feels like a little bit of over kill to me for just sharing users.

Cheers
– Ezra Z.
– Lead Rails Evangelist
[email protected]
– Engine Y., Serious Rails Hosting
– (866) 518-YARD (9273)

Thank you… excellent point. How would that work, though? If I had a
database for the users part of the applications (users_production), and
the next application had its own database (app1_production), how would I
connect to the users_production database to let the app1 application use
the users table? I originally thought about that, but thought that it
would make more sense to keep them separate, but I completely see your
point. I just don’t know how to do it. Any thoughts on this? Or other
thoughts? Thanks again.

4

Hi, I short you will need a database or other persistence for holding
the users’ ids and password for validating against.

Next, you can create your webservice in the language of your choice
but I will use ruby in my explaination. This webservice will either
communicate to your persistent entities using Rails AR or the Ruby
gdbm module.

Now, you will create a standalone SOAP server that regsiters your
webservice. See Page 249 of “Programming Ruby” for more detail.

Finally, you should be able to refactor existing authetication schemes
to easily use your web service.

Good luck,

-Cconrad

5

Hi, there maybe few glitches in the scheme but I’m sure that you can
figure it out and they should by obvious to you. I must get back to
shopping with my girl friend and I wish you all the best.

Good luck,

-Conrad

6

rph wrote:

figure

– Ezra Z.
thought that it would make more sense to keep them separate, but I
completely see your point. I just don’t know how to do it. Any
thoughts on this? Or other thoughts? Thanks again.

Its relatively simple:

In database.yml file of app1_production:

users:
adapter: mysql
database: original_users
host: localhost
username: connector
password: wtf

So, in the model of same app, you would say:

class User < ActiveRecord::Base
if RAILS[‘env’] == ‘production’
establish_connections :users
else
# normal test thingy
end

rest of the model code comes here unhindered.

end

7

Hemant K. wrote:

rph wrote:

figure

– Ezra Z.
thought that it would make more sense to keep them separate, but I
completely see your point. I just don’t know how to do it. Any
thoughts on this? Or other thoughts? Thanks again.

Its relatively simple:

In database.yml file of app1_production:

users:
adapter: mysql
database: original_users
host: localhost
username: connector
password: wtf

So, in the model of same app, you would say:

class User < ActiveRecord::Base
if RAILS[‘env’] == ‘production’
establish_connections :users
else
# normal test thingy
end

rest of the model code comes here unhindered.

end

Ok, that seems simple enough. So when you call establish_connections
:users does that allow the other database (app1_development) to have its
connection as well? Basically, is the users definition in the
database.yml file an additional connection criteria along side of
app1_production? So the default for my other models would still be to
use app1_production, while I’m specifically telling my User model to use
the :users connection? Sorry for asking for additional explanation.
Thanks a lot for your help, I think this is the way to go for what I
need to do.