login sugar

After being frustrated (yet again) last week when attempting to use
the salted_login_generator in a new rails project, I have modified it
so that it works better for my needs. Since the
SaltedHashLoginGenerator wiki page seems to indicate many people are
frustrated by this package which is very nice but has been broken
since rails 1.1.4 I think, I have gem-ified my version of the
generator and released it. In my version:

   * All of the tests pass on Rails 1.1.[456].
   * Example DB schema uses migrations.
   * The first_name, last_name attributes have underscores.
   * Includes a quick start zip of preconfigured default rails app
   * The README_USER_LOGIN tells you everything you need to know.

It is available at

This was my first time looking at the internals of generators and
gems, but I think I got it mostly right. It seems to work in fresh
rails projects in my tests. It's probably brittle in terms of naming
the controllers though, so you may have to make some adjustments if
you use something other than User and Localization as your controller

I realize Deirdre Saoirse Moen has taken over the salted login project
and a fixed version 1.1.2 will probably be out soon, so just consider
this a measure of temporary sanity.

Dav and Deirdre,
thanks for working on this.

I started with this:

I walked through the install.

All the tests pass on my Mac.

I have this:

bash mac maco /pt/webprops/sysadmin/tst 104 $ script/about

About your application's environment
Ruby version 1.8.4 (powerpc-darwin8.7.0)

RubyGems version 0.8.11
Active Record version 1.14.2

Action Pack version 1.12.1
Action Web Service version 1.1.2

Action Mailer version 1.2.1
Active Support version 1.3.1

Edge Rails revision 4814 < *****************
Application root /pt/webprops/sysadmin/tst

Environment development
Database adapter postgresql

Database schema version 2
bash mac maco /pt/webprops/sysadmin/tst 105 $

Anyway the first problem is Clock.

I found Clock in two places.


The mock clock has been debugged so that the tests will pass.

The real clock has 4 bugs in it and it's only 14 lines long.

Here is what mine looks like now after I fixed what I could:

class Clock

  def self.at( t )
    [Time.at](http://Time.at) t


  def self.now


  def self.time=

    raise "Cannot set time on real Clock class"


At this point, I can get past the signup page once I post some data there.

I then get sent to the login page.

There, I cannot get authenticated.

I see a bunch of errors in my webserver window related to things that are deprecated:

Here is information related to the POST :

Processing UserController#login (for []( at 2006-08-23 23:50:28) [POST]

  Session ID: 1d00e5031629fcf5268a5abe39172d06
  Parameters: {"user"=>{"login"=>"bbbbbb", "password"=>"bbbbbb"},

"commit"=>"Login", "action"=>"login",

@params is deprecated! Call params.[] instead of @params.[]. Args: ["user"] (login at


  [4;36;1mSQL (0.002785)[0m [0;1m SELECT a.attname, format_type(a.atttypid, a.atttypmod), d.adsrc, a.attnotnull
 FROM pg_attribute a LEFT JOIN pg_attrdef d

 ON a.attrelid = d.adrelid AND a.attnum = d.adnum
 WHERE a.attrelid
= 'users'::regclass
 AND a.attnum > 0 AND NOT a.attisdropped

 ORDER BY a.attnum
@params is deprecated! Call params.[] instead of @params.[]. Args: ["user"] (login at


@params is deprecated! Call params.[] instead of @params.[]. Args: ["user"] (login at

WARNING: find_first is deprecated and will be removed from the next Rails release (find_first at


  [4;35;1mUser Load (0.001495)[0m [0mSELECT * FROM users WHERE (login = 'bbbbbb' AND verified = 1 AND deleted =

0) LIMIT 1[0m
@session is deprecated! Call session.[]= instead of @session.[]=. Args: ["user", nil] (login at

@params is deprecated! Call params.[] instead of @params.[]. Args: ["user"] (login at


Rendering within layouts/scaffold
Rendering user/login
@flash is deprecated! Call flash.[] instead of @flash.[]. Args: ["notice"] (head_helper at


@flash is deprecated! Call flash.[] instead of @flash.[]. Args: ["message"] (head_helper at

@flash is deprecated! Call flash.[] instead of @flash.[]. Args: ["message"] (head_helper at

Completed in 0.02749 (36 reqs/sec) | Rendering: 0.01372 (49%) | DB: 0.00428 (15%) | 200 OK

If anyone can figure out how to get this stuff working,
I might be tempted to use it.




it turns out that this piece of software requires that a new user
call the welcome action. The welcome action changes the user’s state
to verified. Once the user is verified, he will be allowed to
attempt authentication. The login page actually states this
which is useful to me once I read it.

I get the URL to the welcome action from the e-mail sent out
or the development.log if that is more convenient.

It looks like this:

Also this is obvious if I inspect the SQL in the webrick window:
SELECT * FROM users WHERE (login = ‘bbbbbb’ AND verified = 1 AND deleted =

Console had told me that for my user,
verified was set to 0.


dunno how much lighter it is but the acts_as_authenticated plugin is
simple and popular these days.