
Authentication in Rails - jiff_auth plugin
While working on a Rails project, I naturally needed to do user authentication. The monopoly on this in Rails was the restful_authentication plugin, which I did not like for several reasons:
- it generates a lot of code
- it is inflexible in its settings
- it is difficult to integrate into existing models and controllers (they must be created from scratch)
- extremely unclear documentation
Below is a small instruction for setting up and using.
Application integration
Installation
cd vendor/plugins
git clone git://github.com/snitko/jiff_auth.git
Database Migrations
You will need to add the following:
add_column :users, :password, :string, :limit => 40
add_column :users, :password_token, :string, :unique => true, :limit => 20
add_column :users, :password_token_expires, :datetime
Hereafter, I will assume that you are using the User model, although you can use a model with any name, of course.
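As an added illustration (not jiff_auth's own code, which this post does not show), here is one way an application can issue and redeem a reset token using the password_token and password_token_expires columns from the migration above. UserRow, TOKEN_TTL and the helper names are assumptions made for the example; it is plain Ruby with no Rails dependency.

```ruby
require 'securerandom'

# Constructed stand-in for a users row; only the two token columns from the
# migration above are modelled. This is not an ActiveRecord model.
UserRow = Struct.new(:password_token, :password_token_expires)

TOKEN_TTL = 60 * 60 # seconds; assumed lifetime, the post does not state one

# Issue a token that fits the :limit => 20 column: 10 random bytes as hex.
def issue_password_token(user, now = Time.now)
  user.password_token = SecureRandom.hex(10)
  user.password_token_expires = now + TOKEN_TTL
  user.password_token
end

# Compare without returning early at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Accept a presented token once, and only before it expires.
def redeem_password_token(user, presented, now = Time.now)
  stored = user.password_token
  expires = user.password_token_expires
  return :no_token if stored.nil? || expires.nil?
  return :bad_token unless presented.is_a?(String) && secure_compare(stored, presented)
  # Clear the token whether or not it is still fresh, so it cannot be replayed.
  user.password_token = nil
  user.password_token_expires = nil
  now < expires ? :ok : :expired
end

if __FILE__ == $PROGRAM_NAME
  t0 = Time.at(1_700_000_000) # constructed clock value
  user = UserRow.new
  token = issue_password_token(user, t0)
  p redeem_password_token(user, 'x' * 20, t0 + 60) # wrong token
  p redeem_password_token(user, token, t0 + 60)    # first use
  p redeem_password_token(user, token, t0 + 120)   # replay of a used token
end
```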
Turn on the plugin!
In application.rb you need to add only one line to make it work:
JiffAuth.configure(:app_controller => self, :auth_controller => :users, :model => :user)
JiffAuth.configure extends ApplicationController and the classes specified as :controller and :model. In addition, configure() has a couple more interesting arguments that may come in handy:
:redirect_on => {
  :create => '/login',
  :logout => '/login'
},
:render_on => {
  :error => 'users/error',
  :message => 'users/system-message'
}
I think everything is clear here. Just keep in mind that all the listed arguments are already set by default (with the values given in the example), so use them if you are not comfortable with the default behavior.
And finally, configure routes.rb
Here's what you need to add to routes.rb:
map.connect 'login', :controller => 'users', :action => 'login'
map.connect 'logout', :controller => 'users', :action => 'logout'
map.connect 'lost-password', :controller => 'users', :action => 'lost_password'
map.connect 'recover-password', :controller => 'users', :action => 'recover_password'
map.connect 'change-password', :controller => 'users', :action => 'change_password'
Of course, you can choose any addresses you like for the actions.
Usage examples in views
Since the plugin does not do any code generation, you have to write the views yourself. I will show example templates for two actions: create and login.
users/create.erb
Here's what this template might look like:
<% form_for @user, :method => "post", :html => {:multipart => true} do |f| %>
<% end %>
If the password field is empty, the plugin will generate the password itself. Then, if registration is successful, a redirect to the login form occurs.
users/login.erb
Here, everything is also simple:
<% form_for User.new, :url => 'login', :method => "post", :html => {:multipart => true} do |f| %>
<% end %>
Instead of user[login], you can specify, for example, user[email] (or any other field, for example id); authentication will then take place using the email/password pair.
What's more?
Everything written here, along with a lot of other interesting things, is in the plugin's README. Do not be too lazy to read it. Here I will only list a couple of things that are implemented in the plugin:
- Cookies and sessions, naturally. You do not need to configure anything.
- captcha
- guessing the name of the field for the login by its content
- OpenID
- A filter for the query parameters written to the logs (so that the password does not show up there)
P.S. I apologize for the formatting of the code - the parser is a goof, I need to write to the administration.