Geek Answers Handbook

Ruby on rails Guide Check Guide

Does anyone know of a good guide on creating your own ruby ​​authentication system on rails? I want to flip my own system for use with my im building community :)

Thanks!

+7
authentication ruby ruby-on-rails system
source share
6 answers

I would recommend starting with Warden - it will handle the very basics of sessions for you and give you a good foundation to build your logic from above. The Rails Warden plugin is a fairly small library that helps you integrate it into Rails. Both of these projects are quite mature and well designed, but are still under active development - they are a good choice.

You should know Devise , another authentication system (e.g. Authlogic or Restful Authentication) based on Warden. This may not be suitable for your project (it was not for me), but looking at the source may give you some ideas on how best to use Warden.

Another thing that I want to point out is that in terms of hashing passwords, you should absolutely use bcrypt .

+8
source share

michael hartl will soon come out of a good book, and the first 8 chapters are available in pdf format for free: http://www.railstutorial.org/ - they cover the entire process of creating a very reliable rspec-based authentication system - cannot recommend it highly enough

+4
source share

Well, that came out some time after you asked your question, but the best answer if you want to create your own authentication system and not use something like Devise would probably be Ryan Bates Authentication from Scratch Screencast .

+2
source share

Since authentication is a common problem that has been solved many times already, I would start by examining existing solutions.

For example, see Restful Authentication , which provides a good foundation for authentication in Rails. Even if you prefer to use your own system, playing with Restful Authentication and understanding how it works, you should have a good understanding of the components necessary to create your own system.

+1
source share

Check out this article:

http://www.aidanf.net/rails_user_authentication_tutorial

The author goes step by step through the entire authentication system with suggestions for further improvements. Even tests are discussed.

0
source share

I agree with Ritchie ... Devise has some very nice features, but it doesn't play well with others. For many use cases, a routing capture method can make your work difficult. In many situations, you might be better off folding your own.

Devise called circular links in my Rails resource pipeline, and the settings in the initializer, as set (in the latest version as of yesterday), ran into the defaults in the migration it generated.

I created enterprise-level authentication systems, including email verification, password recovery, etc. And none of this required the use of routing fraud that Devise uses. If you really need all the features, this may be for you. But there are many reasons not to use it too.

0
source share

More articles:


All Articles