Manage users through a web service

Hi~

First of all, I'll apologize because this is going to be more of a general setup question rather than a specific coding question. I'm relatively new to Rails and I've never built a web service before. So, here's my problem:

I'm building 3 new applications that all relate to one another, but can also be stand-alone. Meaning a user can register with each one individually. However, one of the requirements is to only have one login. So once a user registers with any of the 3 applications, they are then in the system and can use the same username/password they've registered.

Now, it seems to me that this is a perfect situation to have a web service to manage users. If not, you can stop here and possibly explain a better solution? (Note: I don't want to use openID).

Here are the things I would want to do in the web service:

1) Register a user, saving all information to the webservice (but only email and password will be required). 2) Login a user, returning their user_id to be held in session. This would require a call to the webservice to verify that the user exists, and if not, prompt them to register.

Those are the absolute minimum requirements. Now, what else should I have? I want to keep track of last logins and login attempts as well, so I was thinking about having the following tables: Users, Audits, Logs. Users is obvious, Audits would keep track of logins and attempts, Logs would record eroneous errors (or should I use a flat file for that?).

If you've made it this far, and that sounds reasonable, what type of code needs to be written to connect to the webservice? I'm not completely sure I know how it works. Would I have a method like "verify_user(email, pwd)" that would return xml data if the user exists, and an error code if they don't?

I'll stop here for now, and ask more coding-type questions once I figure out the general idea of how to accomplish this. If someone can explain the basics of an implementation to have one way to track multiple users across 3 applications, I'm open to suggestions.

Again, I'm sorry this is kind of general, but I didn't know which forum would be most appropriate. Thanks for any help on this matter.

  While you could do this with a webservice there may exist an easier solution. If you control all three of these rails apps that need to work together then you may want to consider letting all 3 apps use the same database for at least the users table. That is probably the simplest way to share users between apps.

  I'll let someone else chime in about a webservice approach but it feels like a little bit of over kill to me for just sharing users.

Cheers -- Ezra Zygmuntowicz-- Lead Rails Evangelist -- ez@engineyard.com -- Engine Yard, Serious Rails Hosting -- (866) 518-YARD (9273)

rph wrote:

Ezra Zygmuntowicz wrote:

Hi~

individually. However, one of the requirements is to only have one

attempts, I'll stop here for now, and ask more coding-type questions once I figure out the general idea of how to accomplish this. If someone can explain the basics of an implementation to have one way to track multiple users across 3 applications, I'm open to suggestions.

Again, I'm sorry this is kind of general, but I didn't know which forum would be most appropriate. Thanks for any help on this matter.

  While you could do this with a webservice there may exist an easier solution. If you control all three of these rails apps that need to work together then you may want to consider letting all 3 apps use the same database for at least the users table. That is probably the simplest way to share users between apps.

  I'll let someone else chime in about a webservice approach but it feels like a little bit of over kill to me for just sharing users.

Cheers -- Ezra Zygmuntowicz -- Lead Rails Evangelist -- ez@engineyard.com -- Engine Yard, Serious Rails Hosting -- (866) 518-YARD (9273)

Thank you... excellent point. How would that work, though? If I had a database for the users part of the applications (users_production), and the next application had its own database (app1_production), how would I connect to the users_production database to let the app1 application use the users table? I originally thought about that, but thought that it would make more sense to keep them separate, but I completely see your point. I just don't know how to do it. Any thoughts on this? Or other thoughts? Thanks again.

Its relatively simple:

In database.yml file of app1_production:

users:   adapter: mysql   database: original_users   host: localhost   username: connector   password: wtf

So, in the model of same app, you would say:

class User < ActiveRecord::Base   if RAILS['env'] == 'production'     establish_connections :users   else      # normal test thingy   end   # rest of the model code comes here unhindered. end