About "Rails Recipes", Fowler, 2006

RichardOnRails wrote:

Hi,

I'm following Chad's Recipe 31, "Authenticating your Users".

Beware of following any Rails book that old.

And don't bother writing your own authentication code. Just use
Authlogic and have done with it.

Hi Marnen,

Thanks for your response (especially since you posted with an
iphone :BG)

Beware of following any Rails book that old.

But I should be able to adapt old stuff to run in a fairly current
Rails version (mine's 2.3.5)

And don't bother writing your own authentication code. Just use Authlogic and have done with it.

I'd rather add code to my app that I can test rather than blindly add
code that hasn't been perused as carefully as code bless by the core
Rails team.

With that said, my first problem is a link failing; I produce a Home
page that displays the following:

Receipts Tracking System
Library powered by Ruby on Rails
Please sign in here

where "here" is a link defined by:Please sign in <%= link_to
"here", :controller=>"user", :action=>"sign_in" -%>

I've got the User controller populated with:
  def sign_in
  end

I've got app\views\users\sign_in.html.erb defined with (just to see if
it's working):
<b><i>Signing in!<i><b>

Instead of getting "Signing in!", I get the error messages:
Routing Error
No route matches "/user/sign_in" with {:method=>:get}

I've got a route: map.resources :users

Do you care to offer me any suggestions? I'd be most appreciative.

Best wishes,
Richard

RichardOnRails wrote:

Hi Marnen,

Thanks for your response (especially since you posted with an
iphone :BG)

Beware of following any Rails book that old.

But I should be able to adapt old stuff to run in a fairly current
Rails version (mine's 2.3.5)

Do you really want that hassle? Particularly since you're still a
relative beginner in Rails? I'd *really* advise against this -- you'll
probably get shown obsolete ways of doing things.

And don't bother writing your own authentication code. Just use Authlogic and have done with it.

I'd rather add code to my app that I can test rather than blindly add
code that hasn't been perused as carefully as code bless by the core
Rails team.

What makes you think it hasn't been tested? What makes you think the
Rails core team has a monopoly on good testing? In fact, Authlogic has
been well tested and is very widely used. If you want to check its test
suite, you are welcome to do so.

Don't reinvent the wheel.

[...]

Do you care to offer me any suggestions? I'd be most appreciative.

Part of being a good Rails developer is knowing when to use a plugin and
save yourself some work. In your case, since there's a good plugin for
the exact things you're doing, you should absolutely use it.

Best wishes,
Richard

Best,

Richard,

Marnen is absolutely right about his suggestion.

One of the most beautiful aspects of developing in RoR is the fact that there’s almost a plugin/gem that you can install and use very easily for every need you may have for a webapp.

(among other features/advantages) RoR is know for the development speed you can achieve. Using the right plugin/gem for a specific task is one of the multiple factors that allows you to develop at an amazing speed.

Authlogic, in this case, is VERY well tested and uses in many sites.

I used to use RestfulAuthentication, but I switched to Authlogic since is much cleaner and easy to understand.

If you’re learning RoR and you want to explore possibilities, install Authlogic and try to understand it’s inner workings.

You’ll be gaining a lot of time and also you’ll see how a very good plugin is developed.

Hi Juan & Marnen,

Marnen is absolutely right about his suggestion.

You guys may be right about the best way to add authentication to a
Rails app. But that may not be the best way for me to learn Rails
development. I'll take a look at AuthLogic in due time. But right
now I'd like some help in fixing a routing problem, so I'm going to
post that question on a separate thread without the context of
authentication.

Thanks for your respponses.

Best wishes,
Richard

Hey guys,

On top of my other problems, I inadvertently clicked a link labeled
"Report as spam" to Google Groups. I'm going to see if there's a way
to undo that. I apologize for that mistake.

Best wishes,
Richard

RichardOnRails wrote:

Hi Juan & Marnen,

Marnen is absolutely right about his suggestion.

You guys may be right about the best way to add authentication to a
Rails app. But that may not be the best way for me to learn Rails
development.

It probably is: you can do the easy stuff yourself while learning from
plugins for the hard stuff. You can look at the plugin code, but in the
meantime you know your app works. Where's the downside?

  I'll take a look at AuthLogic in due time. But right

Hey Marnen,

Suppose someone posted on the Math Forum (if there is such a thing)
the question: what are the roots of the following equation:
6x^2 - 13x + 6 = 0,

I'd respond "3/2 & 2/3", not:
1. use the Quadratic Formula, nor
2. factor the polynomial

After answering the question asked, I'd probably provide links to
factoring and the Quadratic Formula.

Where's the downside?

For this app, we don't want any plug-ins. Discussing AuthLogic is
secondary. No one seems interested in helping with the original
question. Is that because the question is unanswerable, or because
neither of you can answer it with the facts as I presented them?

As Hamlet said so eloquently, "That is the question."

Best,.
Richard

RichardOnRails wrote:

Hey Marnen,

[irrelevant math analogy snipped]

Where's the downside?

For this app, we don't want any plug-ins.

Why on earth not? Do you have a reason for this, and if so, what is it?
(I don't think I've ever seen a nontrivial Rails app that didn't have
at least one plugin or non-Rails gem dependency.)

Appropriate use of third-party libraries is an important development
skill. At some level, you know this, or you'd be writing your own Web
framework instead of using Rails. :slight_smile:

Discussing AuthLogic is
secondary.

Why, when it's the appropriate solution in this case?

No one seems interested in helping with the original
question. Is that because the question is unanswerable, or because
neither of you can answer it with the facts as I presented them?

It's because it's not a question you should be worrying about as a Rails
beginner. You should not be reinventing user authentication when there
is an excellent plugin that will do everything you're asking for.

(In fact, the answer to your question is simple. Read the docs for the
resources method and all will become clear -- sign_in is not one of the
7 default action names, and you didn't declare it.)

Now, if you take a look at Authlogic and think you can do better, then
please do so! But do so in order to build a better mousetrap, not out
of "Not Invented Here" syndrome.

As Hamlet said so eloquently, "That is the question."

Programming is not a life-or-death matter (well, unless you're in the
medical device industry...).

Best,.
Richard

Best,

Richard,

if you don’t want to use any plug in and you want to write all the code
for an authentication solution, but you can’t port a 2006 solution to a
2010 one, you need to get more into Rail’s inner workings and
understand deeply how Rails work. Taking a look at the question you ask
at the end of your original post, I’d say you’re in the right path.

On the other hand, you can try RestfulAuthentication, which generates a
lot of code (models, views, controllers, tests, and more) in your app
(on the contrary of Authlogic - which it doesn’t) and take a look at
that code to understand how it works.

Getting a gasp on Rails might be difficult at the beginning if you have
experience in other languages / frameworks because of how easy, well
structured and thought is, but believe me, understanding how Rails
works will save you a lot of time and work in the future.

Mis mejores deseos,

Best wishes,

Meilleurs vœux,

Juan Pablo