Hi all, I am implementing a site that given a login/pass will log the user into a page whose url contains the login name (a la del.icio.us). Anyone can see this page, but if you are logged in, certain operations become available (ie, modify your profile). Is there a good existing framework that could do the heavy lifting for me? If not, are there any suggestions on which approach to take? Thanks, Ajay -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
petermichaux-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
2006-Sep-02 17:15 UTC
Re: Newbie question: Logins
Ajay Kapal wrote:> Hi all, > > I am implementing a site that given a login/pass will log the user into > a page whose url contains the login name (a la del.icio.us). Anyone > can see this page, but if you are logged in, certain operations become > available (ie, modify your profile). > > Is there a good existing framework that could do the heavy lifting for > me? If not, are there any suggestions on which approach to take?Login is a huge debate topic in the Rails world. There are many options Salted Hash Login Generator login engine RBAC login engine ... The generator method seems dead and people either roll their own or use an engine. DHH would argue you must roll your own and the second edition of Agile Web Development with Rails pdf will get you started with salts etc Peter --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
> > Login is a huge debate topic in the Rails world. There are many options > > Salted Hash Login Generator > login engine > RBAC login engine > ... > > The generator method seems dead and people either roll their own or use > an engine. > > DHH would argue you must roll your own and the second edition of Agile > Web Development with Rails pdf will get you started with salts etc > > PeterHi Peter, Thanks for the information. Since posting the question, I read over that section in the 2nd edition of Agile Web Development with Rails. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
I just built a security schema surrounding the login engine. Watch out - I had to modify just about everyfile because the word "PASSWORD" is reserved in SQL92, and my SQL92 compliant RDBMS choked on most of the login queries. Still, it only took me an evening to build the core of my security modules around this simple engine. Most "gotchas" I have seen so far with Rails concern the use of reserved words. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---