Rails Authentication

You need authentication for applications. Just gotta have it. Even utterly harmless internal applications that will never-ever-never see the internet need - in these benighted ages of Sarbanes-Oxley - authentication because if you don't some auditor about ten days out of college is going to gig you for it.



Sure, laugh. Until you're doing the carpet dance explaining why you suck.


After whacking my skull against the problem for a few days getting basic authentication turns out to be .. easy.

The environment

$ ruby -v
ruby 1.8.6 (2008-03-03 patchlevel 114) [i686-darwin8.11.1]
$ rails -v
Rails 2.1.0


This is restful_authentication. I don't know what that really is but all the cool kids seem to think it's the cat's pajamas.

Install plugin in the directory where your code lives.

script/plugin install http://svn.techno-weenie.net/projects/plugins/restful_authentication/


Generate that puppy

script/generate authenticated user sessions


Migrate that sucker

rake db:migrate


Make it available to all your controllers - put this in ./app/controllers/application.rb

include AuthenticatedSystem


Power!

script/server


Find your way to http://localhost:3000/users/new, add a user.

Add these to ./config/routes.rb

map.logout '/logout', :controller => 'sessions', :action => 'destroy'
map.login '/login', :controller => 'sessions', :action => 'new'


Now you have
http://localhost:3000/login
and
http://localhost:3000/login

If you have a navigation bar, create links to the pages.

See this handy-dandy tutorial for the details about what you're doing and why.


Next .. I get to make all this work with Active Directory.



Naw - it won't be that bad.