I've never done authentication in rails, so please don't be rigorous.
The first thought was to use restful_authentication plugin. Since I
found no api online, and all instructions said, I have to use
generator (which is not what I wanted - I already had a model and I
needed to integrate authentication in it), I decided to create an
empty project and to check out what code the generator puts in the
model and other files.
What I found, I didn't like. User model contained a bunch of lines
with validators and other stuff. What I was looking for is one line,
something like:
acts_as_authenticated
And that's it. Why mix plugin code with the model code? So, my
questions are:
1) Is there any manual or readme on how to integrate this plugin,
avoiding any generators, keeping as much code as possible out of /app
dir?
2) If no, is it worth writing authentication thing from scratch?
I use restful_authentication in pretty much all my Rails projects.
These are my opinions, and they are only opinions:
And that's it. Why mix plugin code with the model code? So, my
questions are:
All the stuff that gets applied to the User model by
restful_authentication are perfect legitimate as model logic so it
seems to be in the right place to me.
1) Is there any manual or readme on how to integrate this plugin,
avoiding any generators, keeping as much code as possible out of /app
dir?
No, why should there be? The author expects the user of the plugin to
run the generator at the beginning of the project. This is the first
thing I do in all my projects needing authentication. That's not to
say it wouldn't fairly trivial to move the code over from a blank
project. There shouldn't be that much work involved. Plus the
generators allow a --skip-migration option, but you'll still need a
reasonably compatible User model.
2) If no, is it worth writing authentication thing from scratch?
I would not write my own from scratch. I have better things to do with
my valuable time.