Working on a rail project, I naturally needed to do user authentication. Rails had a monopoly on this in the restful_authentication plugin, which I didn’t like for several reasons:

• it generates a lot of code
• he is inflexible in the settings
• it is difficult to integrate into existing models and controllers (must be created from scratch)
• to him extremely vague documentation

Correct the above and it became the task of the jiff_auth plugin, which I decided to code.
Below is a small guide to configure and use.

Application integration

Installation

cd vendor/plugins
git clone git://github.com/snitko/jiff_auth.git

Migration for DB

You will need to add the following:

add_column :users,:password, :string :limit => 40
add_column :users,:password_token, :string, :unique => true, :limit => 20
add_column :users,:password_token_expires, :datetime

Hereinafter I will assume that you are using the User model, although you can use the model with any name, of course.
')

Turn on the plugin!

In application.rb you need to add just one line to make it work:

JiffAuth.configure(:app_controller => self, :auth_controller => :users, :model => :user)

JiffAuth.configure is ApplicationController's expendit and classes specified as: controller and: model. In addition, there are a couple of interesting arguments in configure () that you might find useful:

:redirect_on => {
:create => '/login',
:logout => '/login'
},
:render_on => {
:error => 'users/error',
:message => 'users/system-message'
}

I think everything is clear. Consider only that all the arguments listed above are set by default (with exactly the values ​​given in the example), so use them if you are not comfortable with the default behavior.

And finally, we set up routes.rb

Here's what to add in routes.rb:
map.connect 'login', :controller => 'users', :action => 'login'
map.connect 'logout', :controller => 'users', :action => 'logout'
map.connect 'lost-password', :controller => 'users', :action => 'lost_password'
map.connect 'recover-password', :controller => 'users', :action => 'recover_password'
map.connect 'change-password', :controller => 'users', :action => 'change_password'

Of course, the address for the action-s can choose what you like.

Examples of use in views

Since the plugin does not provide code generation, you will have to do the view yourself.
I will show examples of templates on two action-ah - create and login

users / create.erb

Here is what this template might look like:
<% form_for @user, :method => "post", :html => {:multipart =>; true} do |f| %>
<input type="text" name="user[login]" />
<input type="password" name="user[password]" />
<input type="password" name="user[password_confirmation]" />
<input type="text" name="user[email]" />
<% end %>

If the password field is empty, the plugin will generate the password itself. Further, if the registration is successful, there is a redirect to the login form.

users / login.erb

Here, too, everything is simple:
<% form_for User.new, :url => 'login', :method => "post", :html => {:multipart => true} do |f| %>
<input type="text" name="user[login]" />
<input type="password" name="user[password]" />
<% end %>

Instead of user [login], you can specify, for example, user [email] (or any other field, for example, id), then authentication will take place via email / password.

What's more?

In fact, everything written here + many more interesting things are in the README plug-in. Do not be lazy to read. Here I will only list a couple of things that are implemented in the plugin:

• Cookies and sessions - by itself. No need to configure anything.
• captcha
• guessing the name of the field for a login by its content

TODO:

• Openid
• Filter output parameters of requests to the logs (not to shine the password)

PS I apologize for formatting the code - the parser is a sucker, you need to write to the administration.