I checked out zena before, and while it is a good CMS in it's own right
I don't think I can use it as it would require me to rewrite a huge a
existing application, or write api hooks.
I was mostly looking for a "RAILS WAY" strategy to implement this. It
looks like you are suggesting option #3. Which is what I got from a few
other sources.
I checked out zena before, and while it is a good CMS in it's own right
I don't think I can use it as it would require me to rewrite a huge a
existing application, or write api hooks.
I was mostly looking for a "RAILS WAY" strategy to implement this. It
looks like you are suggesting option #3. Which is what I got from a few
other sources.
Thank you for reply thou.
No problem. And don't worry too much about "exposing" your app. Putting
a "before_filter" in ApplicationController and a careful handling of the
login system works good (I am migrating to authlogic). Just take care of
two things:
Gaspard,
while we are on the subject i was recently considering different
systems, and while right now I'm using restful_authentication I looked
at authlogic as well.
Any particular reason you prefer it over other rails authorization
systems?
I'm not Gaspard, but my reasons for preferring Authlogic are many:
* It's easier to work with.
* It doesn't clutter your model files with framework code (I'm ripping
restful_auth out of Quorum [ http://quorum.sf.net ] at the moment, and
the amount of framework-generated crap that I removed from user.rb is
staggering).
* You get more handy features for free.
* Testing generally seems easier.
The only downside is that Authlogic does slightly more magic.
For all the reasons above and easy transitions from password hashing
schemes:
My current hashing method on passwords is not the best possible solution
so I can write an 'InitialCryptoProvider' to hash and match my old
passwords and write a single line in my User class to smoothly
transition from one hashing scheme to another without stressing my
users.