Forum: Ruby on Rails Why no login modules?

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
4bd34a2216dc8bdbf1f017f64e4d59e8?d=identicon&s=25 Kyle Maxwell (Guest)
on 2006-01-26 21:13
(Received via mailing list)
Given all of the login/component controversy, and the multiple
efforts, I've really been surprised that no one AFAIK has taken a
module approach to logins / authentication.  It seems that the
generator and engines approaches are the way to go.

I assume this mentality is due to the desire to include login pages,
password recovery pages, etc.  But what if a plugin usage looked like

class MyUser < ActiveRecord::Base
  acts_as_user :login => "username_field", :password =>
  use_acl :roles

The plugin has no ambitions of handling views, but only doing model
tasks, such as salting the password, and possibly providing access to
roles.  Its easy to update (no generated code), and easy to apply
because it doesn't place any requirements on the schema or views.
Maybe it could also provide:

class MyController < ActionController::Base
   authenticate_against :my_user, :except => ["index", "login"]

Goals include simplicity, configurability, no generated code, no view
code, loose coupling to the db schema.  Any feedback as to the merits
of the approach?

Kyle Maxwell
Chief Technologist
E Factor Media // FN Interactive
821395fe70906c8290df7f18ac4ac6cf?d=identicon&s=25 Rick Olson (Guest)
on 2006-01-26 22:23
(Received via mailing list)
On 1/26/06, Kyle Maxwell <> wrote:
>   acts_as_user :login => "username_field", :password => "my_password_field"
>    authenticate_against :my_user, :except => ["index", "login"]
> 1-866-263-3261

We tried this at RubyConf this year actually (and freaked David out
when showing him what we were working on).  We had an act for the
model (it's where the acts_as_authenticated name came from) with
plugins for encryption schemes (KirinDave hacked up a nice rot13
one!).  We had controller macros for setting up the various actions
too.  It wasn't that tough to write really.

The problem was writing all the configuration options.  It became
apparent that we were just substituting the already-clean ruby code
for our own configuration syntax (setting field names, validations,
etc).  Rails is already easy enough to write, and I didn't feel liking
coming up with something else for the Rails developer to learn in
order to use the plugin.  I then took Tobi's expert example and
rewrote everything as a straightforward generator.

Anyways, good luck :)

Rick Olson
This topic is locked and can not be replied to.