October 21, 2009 23:54
Posted by Jeremy Durham
Restful-authentication + Machinist quick how-to
RESTful authentication has fallen out of favor as the authentication system of choice while building new projects, but I still find it simple enough to hack on and easy to implement in a new project. RESTful authentication coupled with Declarative Authorization gives you a nice full solution to authentication and authorization in most cases.
Although RESTful authentication is easy to set up and use, its use of fixtures and its extensive custom cucumber steps, which collide with the built-in webrat steps, have caused me to continuously rewrite my specs and features when setting up new projects. I finally got irritated enough by the whole situation today that I decided to fork RESTful auth, completely swap out fixtures, and rewrite all the cucumber features. No more static data: no more quentin, aaron, etc. Just User.make to generate random users and away we go.
Hopefully, you find my fork useful. Here’s a really quick “Getting Started” to show how quickly you can get up and running:
- rails app_name
- git submodule add git://github.com/jeremydurham/restful-authentication.git vendor/plugins/restful_authentication
- script/generate rspec
- script/generate cucumber
- Generate some code and set up a root path (map.root)
- Make sure you include flash[:error] and render :partial => 'users/user_bar' in your application layout, or tweak the features and specs as necessary
- script/generate authenticated user --rspec
- Add the appropriate paths to features/support/paths.rb (they are printed to STDOUT when generating RESTful auth)
- rake db:migrate
- Move "include AuthenticatedSystem" to application_controller
At this point, running “rake spec” or “rake features” should both pass, and running the application should allow you to log in, log out, and sign up. Hopefully, this process took you no more than a few minutes, and you’re up and running!
If you’re looking for excellent authorization (roles, rules, etc) then make sure you take a look at declarative authorization.








