Restful Authentication routes

tomtt · March 7, 2007, 10:09am

Hi all,

I’ve been messing with Restful Authentication on Rails 1.2.2. I’m
having trouble setting up the routes. In routes.rb I have:

map.resources :users
map.resources :sessions

As per the documentation.

However, I need to add routes for:

The action ‘destroy’ in the sessions controller - that’s simple
enough.
The action ‘activate’ in the users controller - with the
activation_code parameter passed in too.

Can anyone explain how to do #2?

Bonus question - should I be using singleton resources, as mentioned
in the comments on:

http://agilewebdevelopment.com/plugins/restful_authentication

Thanks a lot,

Tom

tomtt · March 7, 2007, 12:28pm

I’m stuck here too…no mention of this in documentation (that I could
see). When I click on the activate link in the activation email it
errors “no route found to match “/activate/d8e1326e13c18a” with
{:method=>:get}”

tomtt · March 7, 2007, 6:07pm

Will /logout still require a DELETE method this way or will it accept
GET?

RSL

tomtt · March 7, 2007, 6:20pm

The action ‘activate’ in the users controller - with the
activation_code parameter passed in too.

I have this route to handle activation:

map.activate ‘/activate/:id’, :controller => ‘users’, :action =>
‘activate’

And these are some other routes that I find useful:

map.reactivate ‘/reactivate/:id’, :controller => ‘users’, :action =>
‘reactivate’
map.lostpassword ‘/lostpassword’, :controller => ‘users’, :action =>
‘lostpassword’
map.resetpassword ‘/resetpassword’, :controller => ‘users’, :action
=> ‘resetpassword’

tomtt · March 7, 2007, 5:56pm

The action ‘destroy’ in the sessions controller - that’s simple
enough.

map.connect ‘logout’, :controller => ‘sessions’, :action => ‘destroy’

The action ‘activate’ in the users controller - with the
activation_code parameter passed in too.

use :code, :token, :id, :foobarbaz, whatever you like

map.connect ‘activate/:code’, :controller => ‘users’, :action =>
‘activate’

Bonus question - should I be using singleton resources, as mentioned
in the comments on:

The last time the plugin was updated was before singleton resources.
Please do send in a nice patch if you’d like to see singleton
resources in the restful auth plugin.

–
Rick O.
http://weblog.techno-weenie.net
http://mephistoblog.com

tomtt · March 7, 2007, 6:32pm

On 3/7/07, Russell N. [email protected] wrote:

Will /logout still require a DELETE method this way or will it accept GET?

The Session#Destroy in its default state accepts a get. i.e. /logout.

It’s not destroying an Active Record object, just the session, so I
think it’s a useful feature. Note that restful_authenttication doesn’t
have a User#Destroy method- that would certainly need a delete method.

tomtt · March 7, 2007, 6:48pm

That makes sense. I decided to try it for myself and as I was writing it
I
realized that my new logout_url wouldn’t be part of the map.resources
and
thus not bound by its methods. Heh.

RSL

tomtt · March 8, 2007, 2:24pm

On Mar 7, 4:55 pm, “Rick O.” [email protected] wrote:

The action ‘activate’ in the users controller - with the
activation_code parameter passed in too.

use :code, :token, :id, :foobarbaz, whatever you like

map.connect ‘activate/:code’, :controller => ‘users’, :action => ‘activate’

I ended up doing:

map.resources :users, :collection => { :activate => :any }

I figured it was a little more… RESTful!

The last time the plugin was updated was before singleton resources.
Please do send in a nice patch if you’d like to see singleton
resources in the restful auth plugin.

I’ve just been through and converted it all, so I’ll throw something
together now.

Cheers,

Tom

tomtt · March 7, 2007, 6:23pm

Okay guys,

first of all, I’ve hacked the restful authentication stuff to suit my
tastes better. I’ll give you the short answer first and then explain
it a bit:

map.resource :account
map.account_activation ‘/account/activate/:activation_code’,
:controller => ‘account’, :action => ‘activate’

Then to generate the the URL for activation I call:

account_activation_url(:activation_code => user.activation_code)

A couple of things to note:

1 - My model is called User
2 - My end-user-visible signup and preferences/password management is
done through AccountController which is a singleton because users
can’t see other users and you can only have one account.
3 - Administrators can see other users (plus extra data users can’t
see about themselves) so for that purpose they have a UsersController

Hopefully that explains why I chose :account as a singleton rather
than a collection.

And, that should also illustrate that yes, your :session resource is
also a singleton - each HTTP session can only have one logical
session so it’s a singleton.

HTH,
Trevor