OK I have dents in my head from beating on LoginGenerator, so if anyone who has used this thing can shed a little light I would greatly appreciate it. It is installed and I have set it up on my User class. Folks can login, logout, etc just fine. I have am not using the per method protection model yet, as I am trying to migrate slowly ;) What is broken though are all my methods that save or update the User. For example my edit view had to have a password confirm entered or the update would fail. Other methods I have that do non view-related processing that need to do User.save or User.update are all failing to save or update. I have tried setting the LG filters all sorts of ways to no avail. Even when I have established a "session" primitive as it is with the @session being instantiated it seems to insist on password confirmation for all actions that write, and I can find no way to force this through for the methods that have no view, and it is unwieldy for the person who has already logged in to have to constantly type in a password confirm on numerous screens. I really don''t need much as far as an ACL model. I just wanted to make folks login to access the update/write actions and methods, and to setup special rights for a single admin user. If I can''t get through this I guess I''oll have to go to the next option LoginEngine or Salt and see if I have the same issues. Thanks in advance. -- Posted via http://www.ruby-forum.com/.
On 7/11/06, Mike Kogan <mike@kogan.org> wrote:> > OK I have dents in my head from beating on LoginGenerator, so if anyone > who has used this thing can shed a little light I would greatly > appreciate it. > > It is installed and I have set it up on my User class. Folks can login, > logout, etc just fine. I have am not using the per method protection > model yet, as I am trying to migrate slowly ;) > > What is broken though are all my methods that save or update the User. > For example my edit view had to have a password confirm entered or the > update would fail. Other methods I have that do non view-related > processing that need to do User.save or User.update are all failing to > save or update. > > I have tried setting the LG filters all sorts of ways to no avail. Even > when I have established a "session" primitive as it is with the @session > being instantiated it seems to insist on password confirmation for all > actions that write, and I can find no way to force this through for the > methods that have no view, and it is unwieldy for the person who has > already logged in to have to constantly type in a password confirm on > numerous screens. > > I really don''t need much as far as an ACL model. I just wanted to make > folks login to access the update/write actions and methods, and to setup > special rights for a single admin user. If I can''t get through this I > guess I''oll have to go to the next option LoginEngine or Salt and see if > I have the same issues.I wouldn''t use salted login generator. Big fuss to get that going. LoginEngine is a good choice, but might be a bit much for what your after. Try acts_as_authenticated. Thanks in advance.> > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060711/dbd9a88b/attachment.html
I second the LoginEngine. its been great to me so far. On 7/10/06, Daniel N <has.sox@gmail.com> wrote:> > > > On 7/11/06, Mike Kogan <mike@kogan.org> wrote: > > OK I have dents in my head from beating on LoginGenerator, so if anyone > > who has used this thing can shed a little light I would greatly > > appreciate it. > > > > It is installed and I have set it up on my User class. Folks can login, > > logout, etc just fine. I have am not using the per method protection > > model yet, as I am trying to migrate slowly ;) > > > > What is broken though are all my methods that save or update the User. > > For example my edit view had to have a password confirm entered or the > > update would fail. Other methods I have that do non view-related > > processing that need to do User.save or User.update are all failing to > > save or update. > > > > I have tried setting the LG filters all sorts of ways to no avail. Even > > when I have established a "session" primitive as it is with the @session > > being instantiated it seems to insist on password confirmation for all > > actions that write, and I can find no way to force this through for the > > methods that have no view, and it is unwieldy for the person who has > > already logged in to have to constantly type in a password confirm on > > numerous screens. > > > > I really don''t need much as far as an ACL model. I just wanted to make > > folks login to access the update/write actions and methods, and to setup > > special rights for a single admin user. If I can''t get through this I > > guess I''oll have to go to the next option LoginEngine or Salt and see if > > I have the same issues. > > > I wouldn''t use salted login generator. Big fuss to get that going. > > LoginEngine is a good choice, but might be a bit much for what your after. > > Try acts_as_authenticated. > > > > Thanks in advance. > > > > -- > > Posted via http://www.ruby-forum.com/ . > > _______________________________________________ > > Rails mailing list > > Rails@lists.rubyonrails.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >-- Elliott Clark eclark@cc.gatech.edu eclark@nife.us
Daniel ----- wrote:> On 7/11/06, Mike Kogan <mike@kogan.org> wrote: >> For example my edit view had to have a password confirm entered or the >> numerous screens. >> >> I really don''t need much as far as an ACL model. I just wanted to make >> folks login to access the update/write actions and methods, and to setup >> special rights for a single admin user. If I can''t get through this I >> guess I''oll have to go to the next option LoginEngine or Salt and see if >> I have the same issues. > > > I wouldn''t use salted login generator. Big fuss to get that going. > > LoginEngine is a good choice, but might be a bit much for what your > after. > > Try acts_as_authenticated. > > Thanks in advance.You might consider picking up Rails Recipes (http://www.pragmaticprogrammer.com/titles/fr_rr/index.html). Lots of good information, and in particular, a couple of simple authentication/authorization schemes. I used to login generator, pitched that and went to the user/login engines, and after struggling with issues after a Rails upgrade, pitched both and implemented the recipe from the book. Had it running in 20 minutes, and then enhanced it from there. -- Posted via http://www.ruby-forum.com/.