I'm please to announce, after 4 weeks of development, that I've just
released the first version of sorcery gem:
sorcery is an authentication gem plugin for Rails 3 inspired by
Authlogic, Devise and restful-authentication. You can see how it is used
with an example application here:
This gem plugin was started because:
* I wanted to write something 100% TDD from start to finish.
* I wanted to learn how to write an engine for Rails 3.
In addition to the above I had some plugin goals:
* Simple config
* Keep MVC.
* Magic yes, Voodoo no.
* No generated code.
* No built-in controllers, models, mailers, migrations or templates;
Real apps will need all of these custom made anyway.
Hopefully, I've achieved this. If not, let me know.
== Current Features:
* Basic Login/Logout.
* Password encryption with configurable algorithm.
* User activation by email with optional success email.
* Reset password with email verification.
* Remember me with configurable expiration.
* Configurable session timeout.
* Brute force login hammering protection.
* Modular design, load only the modules you need.
* 100% TDD'd code, 100% test coverage (100+ specs).
== Where from here:
fix bugs when found.
improve existing features.
add new features.
I've got many plans which include:
* Basic HTTP Authentication
* Auto login
* Other reset password strategies (security questions?)
* Sinatra support
* Mongoid support
* OmniAuth integration
* Activity logging
* Have an idea? Let me know, and it might get into the gem!
That's it for now,
Hope you will try it and let me know what you think.