Hello. I want my website to have 2 types of autorization - usuall logging in with mail&password, or just with Facebook account.
But does it require two separate models, like UsuallUser and FacebookUser? Or it is possible to set up everything with just one model?
Also I wondering if there some gems I can use that support this kind of authorization, or here I need to code all by myself?
I believe the Devise gem will let you do that. I am surprised that google did not find that for you.
Colin
Hello. I want my website to have 2 types of autorization - usuall logging in with mail&password, or just with Facebook account. But does it require two separate models, like UsuallUser and FacebookUser? Or it is possible to set up everything with just one model?
You only need a different model if you have a different set of parameters or processes attached to that "real world" object represented by that model. How they authenticate doesn't change the inner nature. In the end, you would still have a User, right?
Also I wondering if there some gems I can use that support this kind of authorization, or here I need to code all by myself?
Omniauth will make the Facebook (ick) or Twitter, or Github, or anything else pretty much, a once stop shop. There's a couple of Railscasts about it, and that's where I would start.
Walter
Walter Davis wrote in post #1103234:
Also I wondering if there some gems I can use that support this kind of
authorization, or here I need to code all by myself?
Omniauth will make the Facebook (ick) or Twitter, or Github, or anything else pretty much, a once stop shop. There's a couple of Railscasts about it, and that's where I would start.
If you have relatively basic authentication needs then Omiauth can do both username/password and social networking authentication using the identity provider:
While Devise is a nice comprehensive authentication system. Omniauth seems to be a lighter weight solution that works in many situations. It's what I personally use.
Also be careful not to confuse authentication with authorization. These are not the same thing. For authorization I've used Ryan Bates's excellent CanCan, which has worked really well for me so far.