Chapter 14. Users and Authentication
While sessions expand your application-building possibilities,
almost any interactive application that will be around for a while needs
to be able to keep track of users. You might be a little startled to hear
that Rails itself doesn’t include any mechanisms for tracking users,
unlike most current web frameworks. That isn’t so much a failure as an
opportunity for developers to create their own authentication approaches.
When getting started, however, it’s
probably wisest to work with the commonly used restful_authentication plug-in. (The code for this example is available in
ch14/students007.)
Note
Note that the restful_authentication plug-in is based on the
older acts_as_authenticated plug-in.
Many applications use, and much documentation describes, acts_as_authenticated, which has similar data
structures but doesn’t operate in a RESTful way.
Installation
Authentication is a complicated enough project that it’s worth fitting
into a more sophisticated application, like the students and courses
example. The first step toward adding authentication to it is to install
the restful_authentication plug-in.
From the application directory, enter:
$script/plugin install http://svn.techno-weenie.net/projects/plugins/restful_authentication
In Heroku, you’ll want to use the Gems & Plugins link under the vendor folder in the editor. In addition to the usual list of files being added, this installer reports some documentation and security issues. Definitely read ...
Get Learning Rails now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
