Hi all,
I am implementing a site that given a login/pass will log the user into
a page whose url contains the login name (a la del.icio.us). Anyone
can see this page, but if you are logged in, certain operations become
available (ie, modify your profile).
Is there a good existing framework that could do the heavy lifting for
me? If not, are there any suggestions on which approach to take?
Thanks,
Ajay
Login is a huge debate topic in the Rails world. There are many options
Salted Hash Login Generator
login engine
RBAC login engine
…The generator method seems dead and people either roll their own or use
an engine.DHH would argue you must roll your own and the second edition of Agile
Web D. with Rails pdf will get you started with salts etcPeter
Hi Peter,
Thanks for the information. Since posting the question, I read over
that section in the 2nd edition of Agile Web D. with Rails.
Ajay Kapal wrote:
Hi all,
I am implementing a site that given a login/pass will log the user into
a page whose url contains the login name (a la del.icio.us). Anyone
can see this page, but if you are logged in, certain operations become
available (ie, modify your profile).Is there a good existing framework that could do the heavy lifting for
me? If not, are there any suggestions on which approach to take?
Login is a huge debate topic in the Rails world. There are many options
Salted Hash Login Generator
login engine
RBAC login engine
…
The generator method seems dead and people either roll their own or use
an engine.
DHH would argue you must roll your own and the second edition of Agile
Web D. with Rails pdf will get you started with salts etc
Peter
I just built a security schema surrounding the login engine.
Watch out - I had to modify just about everyfile because the word
“PASSWORD” is reserved in SQL92, and my SQL92 compliant RDBMS choked
on most of the login queries.
Still, it only took me an evening to build the core of my security
modules around this simple engine.
Most “gotchas” I have seen so far with Rails concern the use of
reserved words.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs