Thursday, June 19, 2008

Rails Authentication

You need authentication for applications. Just gotta have it. Even utterly harmless internal applications that will never-ever-never see the internet need - in these benighted ages of Sarbanes-Oxley - authentication because if you don't some auditor about ten days out of college is going to gig you for it.

oh-noes-gold-fish

Sure, laugh. Until you're doing the carpet dance explaining why you suck.


After whacking my skull against the problem for a few days getting basic authentication turns out to be .. easy.

The environment

$ ruby -v
ruby 1.8.6 (2008-03-03 patchlevel 114) [i686-darwin8.11.1]
$ rails -v
Rails 2.1.0


This is restful_authentication. I don't know what that really is but all the cool kids seem to think it's the cat's pajamas.

Install plugin in the directory where your code lives.

script/plugin install http://svn.techno-weenie.net/projects/plugins/restful_authentication/


Generate that puppy

script/generate authenticated user sessions


Migrate that sucker

rake db:migrate


Make it available to all your controllers - put this in ./app/controllers/application.rb

include AuthenticatedSystem


Power!

script/server


Find your way to http://localhost:3000/users/new, add a user.

Add these to ./config/routes.rb

map.logout '/logout', :controller => 'sessions', :action => 'destroy'
map.login '/login', :controller => 'sessions', :action => 'new'


Now you have
http://localhost:3000/login
and
http://localhost:3000/login

If you have a navigation bar, create links to the pages.

See this handy-dandy tutorial for the details about what you're doing and why.


Next .. I get to make all this work with Active Directory.

Oh Noes!

Naw - it won't be that bad.
blog comments powered by Disqus