Screencast: Authentifizierung über Facebook

In diesem Screencast zeigt Ryan wie eine neue Facebook erstellt und konfiguriert werden kann. Zusätzlich zeigt er wie das omniauth-facebook gem eingesetzt wird.

 

Downloads in verschiedenen Formaten:

mp4
m4v
webm
ogg

 

Resourcen:

Gemfile

[ruby]
gem ‚omniauth-facebook‘
[/ruby]

config/initializers/omniauth.rb

[ruby]
OmniAuth.config.logger = Rails.logger

Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV[‚FACEBOOK_APP_ID‘], ENV[‚FACEBOOK_SECRET‘]
end
[/ruby]

terminal

[bash]
rails g model user provider uid name oauth_token oauth_expires_at:datetime
rake db:migrate
[/bash]

models/user.rb

[ruby]
def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
user.provider = auth.provider
user.uid = auth.uid
user.name = auth.info.name
user.oauth_token = auth.credentials.token
user.oauth_expires_at = Time.at(auth.credentials.expires_at)
user.save!
end
end
[/ruby]

config/routes.rb

[ruby]
match ‚auth/:provider/callback‘, to: ’sessions#create‘
match ‚auth/failure‘, to: redirect(‚/‘)
match ’signout‘, to: ’sessions#destroy‘, as: ’signout‘
[/ruby]

sessions_controller.rb

[ruby]
class SessionsController < ApplicationController
def create
user = User.from_omniauth(env["omniauth.auth"])
session[:user_id] = user.id
redirect_to root_url
end

def destroy
session[:user_id] = nil
redirect_to root_url
end
end
[/ruby]

application_controller.rb

[ruby]
private

def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
helper_method :current_user
[/ruby]

layouts/application.html.erb

[html]
<div id="user_nav">
<% if current_user %>
Signed in as <strong><%= current_user.name %></strong>!
<%= link_to "Sign out", signout_path, id: "sign_out" %>
<% else %>
<%= link_to "Sign in with Facebook", "/auth/facebook", id: "sign_in" %>
<% end %>
</div>
[/html]

app/assets/javascripts/facebook.js.coffee.erb

[javascript]

jQuery ->
$(‚body‘).prepend(‚<div id="fb-root"></div>‘)

$.ajax
url: "#{window.location.protocol}//connect.facebook.net/en_US/all.js"
dataType: ’script‘
cache: true

window.fbAsyncInit = ->
FB.init(appId: ‚<%= ENV["FACEBOOK_APP_ID"] %>‘, cookie: true)

$(‚#sign_in‘).click (e) ->
e.preventDefault()
FB.login (response) ->
window.location = ‚/auth/facebook/callback‘ if response.authResponse

$(‚#sign_out‘).click (e) ->
FB.getLoginStatus (response) ->
FB.logout() if response.authResponse
true
[/javascript]

Screencast: OmniAuth

OmniAuth ist ein Ruby-Authetifierungs-Framework welches eine standardisierte Schnittstelle zu verschiedenen Authentifizierungs-Providern bietet (z.B. Facebook, OpenID). Mit dem aktuellen OmniAuth-Release 1.0 ist nun auch möglich klassisch über Benutzernamen und Passwort die Authentifizierung durchzuführen, wenn kein externer Anbieter gewünscht oder vorhanden ist. In diesem Screencast zeigt Ryan wie es installiert und verwendet werden kann.

 

Resourcen:

bash

[bash]
rails g model identity name:string email:string password_digest:string
rake db:migrate
rails g controller identities
[/bash]

Gemfile

[ruby]
gem ‚omniauth-identity‘
[/ruby]

config/initializers/omniauth.rb

[ruby]
Rails.application.config.middleware.use OmniAuth::Builder do
# …
provider :identity, on_failed_registration: lambda { |env|
IdentitiesController.action(:new).call(env)
}
end
[/ruby]

models/identity.rb

[ruby]
class Identity < OmniAuth::Identity::Models::ActiveRecord
validates_presence_of :name
validates_uniqueness_of :email
validates_format_of :email, :with => /^[-a-z0-9_+.]+@([-a-z0-9]+.)+[a-z0-9]{2,4}$/i
end
[/ruby]

sessions/new.html.erb

[html]
<p>
<strong>Don’t use these services?</strong>
<%= link_to "Create an account", new_identity_path %> or login below.
</p>

<%= form_tag "/auth/identity/callback" do %>
<div class="field">
<%= label_tag :auth_key, "Email" %><br>
<%= text_field_tag :auth_key %>
</div>
<div class="field">
<%= label_tag :password %><br>
<%= password_field_tag :password %>
</div>
<div class="actions"><%= submit_tag "Login" %></div>
<% end %>
[/html]

routes.rb

[ruby]
resources :identities
[/ruby]

identities_controller.rb

[ruby]
def new
@identity = env[‚omniauth.identity‘]
end
[/ruby]

identities/new.html.erb

[html]
<%= form_tag "/auth/identity/register" do %>
<% if @identity && @identity.errors.any? %>
<div class="error_messages">
<h2><%= pluralize(@identity.errors.count, "error") %> prohibited this account from being saved:</h2>
<ul>
<% @identity.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= label_tag :name %><br>
<%= text_field_tag :name, @identity.try(:name) %>
</div>
<div class="field">
<%= label_tag :email %><br>
<%= text_field_tag :email, @identity.try(:email) %>
</div>
<div class="field">
<%= label_tag :password %><br>
<%= password_field_tag :password %>
</div>
<div class="field">
<%= label_tag :password_confirmation %><br>
<%= password_field_tag :password_confirmation %>
</div>
<div class="actions"><%= submit_tag "Register" %></div>
<% end %>
[/html]

Screencast: Authentifizierung mit sorcery

sorcery ist ein modular aufgebautes Authetifizierungs-System für Rails 3.0/3.1. In diesem Screencast zeigt Ryan wie es eingesetzt werden kann.

 

Downloads in verschiedenen Formaten:

mp4
mp4
webm
ogg

 

Resourcen:

bash

[bash]
bundle
rake sorcery:bootstrap
rails g sorcery_migration core remember_me
rails g model user –skip-migration
rake db:migrate
rails g controller users new
rails g controller sessions new
[/bash]

Gemfile

[ruby]
gem ’sorcery‘
[/ruby]

config/initializers/sorcery.rb

[ruby]
Rails.application.config.sorcery.submodules = [:remember_me]

# . . .

user.username_attribute_name = :email
[/ruby]

models/user.rb

[ruby]
class User < ActiveRecord::Base
authenticates_with_sorcery!

attr_accessible :email, :password, :password_confirmation

validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
end
[/ruby]

users_controller.rb

[ruby]
def new
@user = User.new
end

def create
@user = User.new(params[:user])
if @user.save
redirect_to root_url, :notice => "Signed up!"
else
render :new
end
end
[/ruby]

views/users/new.html.erb

[html]
<%= form_for @user do |f| %>
<% if @user.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% for message in @user.errors.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :email %>
<%= f.text_field :email %>
</div>
<div class="field">
<%= f.label :password %>
<%= f.password_field :password %>
</div>
<div class="field">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation %>
</div>
<div class="actions"><%= f.submit %></div>
<% end %>
[/html]

sessions_controller.rb

[ruby]
def create
user = login(params[:email], params[:password], params[:remember_me])
if user
redirect_back_or_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Email or password was invalid"
render :new
end
end

def destroy
logout
redirect_to root_url, :notice => "Logged out!"
end
[/ruby]

views/sessions/new.html.erb

[html]
<%= form_tag sessions_path do %>
<div class="field">
<%= label_tag :email %>
<%= text_field_tag :email, params[:email] %>
</div>
<div class="field">
<%= label_tag :password %>
<%= password_field_tag :password %>
</div>
<div class="field">
<%= check_box_tag :remember_me, 1, params[:remember_me] %>
<%= label_tag :remember_me %>
</div>
<div class="actions"><%= submit_tag "Log in" %></div>
<% end %>
[/html]

config/routes.rb

[ruby]
get "logout" => "sessions#destroy", :as => "logout"
get "login" => "sessions#new", :as => "login"
get "signup" => "users#new", :as => "signup"
resources :users
resources :sessions
[/ruby]

home_controller.rb

[ruby]
before_filter :require_login, :only => :secret
[/ruby]

application_controller.rb

[ruby]
def not_authenticated
redirect_to login_url, :alert => "First login to access this page."
end
[/ruby]

application.html.erb

[html]
<% if current_user %>
Logged in as <%= current_user.email %>.
<%= link_to "Log out", logout_path %>
<% else %>
<%= link_to "Sign up", signup_path %> or
<%= link_to "log in", login_path %>.
<% end %>
[/html]

Screencast: Passwort reset und Erinnerungsfunktion

Passwörter zurücksetzen und Erinnerungsfunktionen, die einen wiederkehrenden Benutzer erkennen, sind inzwischen Standard in den meisten Applikationen. Ryan zeigt wie diese Woche wie in einer selbstgebauten Authentifizierung diese Funktionen auf einfache Weise implementiert werden können.

 

Downloads in verschiedenen Formaten:

source code
mp4
m4v
webm
ogv

 

Resourcen:

bash

[bash]
rails g migration add_auth_token_to_users auth_token:string
rake db:migrate
rails g controller password_resets new
rails g migration add_password_reset_to_users password_reset_token:string password_reset_sent_at:datetime
rails g mailer user_mailer password_reset
[/bash]

models/user.rb

[ruby]
before_create { generate_token(:auth_token) }

def send_password_reset
generate_token(:password_reset_token)
self.password_reset_sent_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end

def generate_token(column)
begin
self[column] = SecureRandom.urlsafe_base64
end while User.exists?(column => self[column])
end
[/ruby]

application_controller.rb

[ruby]
def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
[/ruby]

sessions_controller.rb

[ruby]
def create
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
if params[:remember_me]
cookies.permanent[:auth_token] = user.auth_token
else
cookies[:auth_token] = user.auth_token
end
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end

def destroy
cookies.delete(:auth_token)
redirect_to root_url, :notice => "Logged out!"
end
[/ruby]

password_resets_controller.rb

[ruby]

def create
user = User.find_by_email(params[:email])
user.send_password_reset if user
redirect_to root_url, :notice => "Email sent with password reset instructions."
end

def edit
@user = User.find_by_password_reset_token!(params[:id])
end

def update
@user = User.find_by_password_reset_token!(params[:id])
if @user.password_reset_sent_at < 2.hours.ago
redirect_to new_password_reset_path, :alert => "Password reset has expired."
elsif @user.update_attributes(params[:user])
redirect_to root_url, :notice => "Password has been reset!"
else
render :edit
end
end
[/ruby]

sessions/new.html.erb

[html]
<p><%= link_to "forgotten password?", new_password_reset_path %></p>
<div class="field">
<%= check_box_tag :remember_me, 1, params[:remember_me] %>
<%= label_tag :remember_me %>
</div>
[/html]

password_resets/new.html.erb

[html]
<%= form_tag password_resets_path, :method => :post do %>
<div class="field">
<%= label_tag :email %>
<%= text_field_tag :email, params[:email] %>
</div>
<div class="actions"><%= submit_tag "Reset Password" %></div>
<% end %>
[/html]

password_resets/edit.html.erb

[html]
<%= form_for @user, :url => password_reset_path(params[:id]) do |f| %>
<% if @user.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% for message in @user.errors.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :password %>
<%= f.password_field :password %>
</div>
<div class="field">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation %>
</div>
<div class="actions"><%= f.submit "Update Password" %></div>
<% end %>
[/html]

config/evinroments/development.rb

[ruby]
config.action_mailer.default_url_options = { :host => "localhost:3000" }
[/ruby]

user_mailer.rb

[ruby]
def password_reset(user)
@user = user
mail :to => user.email, :subject => "Password Reset"
end
[/ruby]

user_mailer/password_reset.text.erb

[html]
To reset your password, click the URL below.

<%= edit_password_reset_url(@user.password_reset_token) %>

If you did not request your password to be reset, just ignore this email and your password will continue to stay the same.
[/html]

Screencast: Authentifizierung

Authentifizierung wird in vielen Applikationen, wenn nicht in den meisten, gebraucht. Das die Implementierung nicht Schwierig sein muss, zeigt Ryan in dieser Woche in seinem Screencast.

 

Download:

Download(22.6 MB, 15:26)
Alternativer Download für iPod & Apple TV(22.3 MB, 15:26)

 

Resourcen:

 

Quellcode:

[bash]
rails g controller users new
rails g model user email:string password_hash:string password_salt:string
rake db:migrate
rails dbconsole
rails g controller sessions new
[/bash]

[ruby]
# Gemfile
gem "bcrypt-ruby", :require => "bcrypt"

# models/user.rb
class User < ActiveRecord::Base
attr_accessible :email, :password, :password_confirmation

attr_accessor :password
before_save :encrypt_password

validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email

def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end

def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end

# users_controller.rb
def new
@user = User.new
end

def create
@user = User.new(params[:user])
if @user.save
redirect_to root_url, :notice => "Signed up!"
else
render "new"
end
end

# sessions_controller.rb
def new
end

def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end

def destroy
session[:user_id] = nil
redirect_to root_url, :notice => "Logged out!"
end

# application_controller.rb
helper_method :current_user

private

def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end

# routes.rb
get "log_out" => "sessions#destroy", :as => "log_out"
get "log_in" => "sessions#new", :as => "log_in"
get "sign_up" => "users#new", :as => "sign_up"
root :to => "users#new"
resources :users
resources :sessions
[/ruby]

[html]
<!– users/new.html.erb –>
<h1>Sign Up</h1>

<%= form_for @user do |f| %>
<% if @user.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% for message in @user.errors.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<p>
<%= f.label :email %><br />
<%= f.text_field :email %>
</p>
<p>
<%= f.label :password %><br />
<%= f.password_field :password %>
</p>
<p>
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %>
</p>
<p class="button"><%= f.submit %></p>
<% end %>

<!– sessions/new.html.erb –>
<h1>Log in</h1>

<%= form_tag sessions_path do %>
<p>
<%= label_tag :email %><br />
<%= text_field_tag :email, params[:email] %>
</p>
<p>
<%= label_tag :password %><br />
<%= password_field_tag :password %>
</p>
<p class="button"><%= submit_tag "Log in" %></p>
<% end %>

<!– layouts/application.html.erb –>
<div id="user_nav">
<% if current_user %>
Logged in as <%= current_user.email %>.
<%= link_to "Log out", log_out_path %>
<% else %>
<%= link_to "Sign up", sign_up_path %> or
<%= link_to "log in", log_in_path %>
<% end %>
</div>

<% flash.each do |name, msg| %>
<%= content_tag :div, msg, :id => "flash_#{name}" %>
<% end %>
[/html]

Screencast: Authentifizierung über OmniAuth

OmniAuth ist ein flixibles Authentifizierungs-System, welches auf Rack aufsetzt. In dieser Woche zeigt Ryan wie einfach man mit OmniAuth in Rails einsetzen kann.

 

Download:

Download(12 MB, 9:06)
Alternativer Download für iPod & Apple TV(12 MB, 9:06)

 

Resourcen:

 

Quellcode:

[bash]
rails g controller sessions
rails g model user provider:string uid:string name:string
rake db:migrate
[/bash]

[ruby]
# Gemfile
gem ‚omniauth‘

# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter, ‚CONSUMER_KEY‘, ‚CONSUMER_SECRET‘
end

# routes.rb
match "/auth/:provider/callback" => "sessions#create"
match "/signout" => "sessions#destroy", :as => :signout

# sessions_controller.rb
def create
auth = request.env["omniauth.auth"]
user = User.find_by_provider_and_uid(auth["provider"], auth["uid"]) || User.create_with_omniauth(auth)
session[:user_id] = user.id
redirect_to root_url, :notice => "Signed in!"
end

def destroy
session[:user_id] = nil
redirect_to root_url, :notice => "Signed out!"
end

# models/user.rb
def self.create_with_omniauth(auth)
create! do |user|
user.provider = auth["provider"]
user.uid = auth["uid"]
user.name = auth["user_info"]["name"]
end
end

# application_controller.rb
helper_method :current_user

private

def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
[/ruby]

[html]
<% if current_user %>
Welcome <%= current_user.name %>!
<%= link_to "Sign Out", signout_path %>
<% else %>
<%= link_to "Sign in with Twitter", "/auth/twitter" %>
<% end %>
[/html]

Screencast: OmniAuth Teil 2

Im zweiten Teil der OmniAuth-Screencasts zeigt Ryan wie OmniAuth in Device integriert werden kann und wie neue Benutzer incl. Validierung angelegt werden können.

 

Download:

Download(25.6 MB, 15:59)
Alternativer Download für iPod & Apple TV(23.9 MB, 15:59)

 

Resourcen:

 

Quellcode:

[bash]
bundle update
rails g controller registrations
rails g devise:views
[/bash]

[ruby]
# Gemfile
gem ‚mongrel‘, ‚1.2.0.pre2‘

# config/initializers/omniauth.rbb
require ‚openid/store/filesystem‘
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter, ‚CONSUMER_KEY‘, ‚CONSUMER_SECRET‘
provider :open_id, OpenID::Store::Filesystem.new(‚/tmp‘)
end

# authentications_controller.rb
def create
omniauth = request.env["omniauth.auth"]
authentication = Authentication.find_by_provider_and_uid(omniauth[‚provider‘], omniauth[‚uid‘])
if authentication
flash[:notice] = "Signed in successfully."
sign_in_and_redirect(:user, authentication.user)
elsif current_user
current_user.authentications.create!(:provider => omniauth[‚provider‘], :uid => omniauth[‚uid‘])
flash[:notice] = "Authentication successful."
redirect_to authentications_url
else
user = User.new
user.apply_omniauth(omniauth)
if user.save
flash[:notice] = "Signed in successfully."
sign_in_and_redirect(:user, user)
else
session[:omniauth] = omniauth.except(‚extra‘)
redirect_to new_user_registration_url
end
end
end

# models/user.rb
def apply_omniauth(omniauth)
self.email = omniauth[‚user_info‘][‚email‘] if email.blank?
authentications.build(:provider => omniauth[‚provider‘], :uid => omniauth[‚uid‘])
end

def password_required?
(authentications.empty? || !password.blank?) && super
end

# routes.rb
devise_for :users, :controllers => {:registrations => ‚registrations‘}

# registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def create
super
session[:omniauth] = nil unless @user.new_record?
end

private

def build_resource(*args)
super
if session[:omniauth]
@user.apply_omniauth(session[:omniauth])
@user.valid?
end
end
end

# models/authentication.rb
def provider_name
if provider == ‚open_id‘
"OpenID"
else
provider.titleize
end
end
[/ruby]

Screencast: OmniAuth Teil 1

Die traditionelle Authentifizierung mit einem eigenem System wird immer mehr zur einer Ausnahme. Moderne Webapplikationen bieten daher die Anmeldung über bestehende Dienste wie OpenID, Twitter, Facebook und/oder OAuth an. OmniAuth ist ein Plugin das in Rails-App für diesen Zweck eingesetzt werden kann. Ryan zeigt in im ersten Teil wie es in Devise integriert werden kann.

 

Download:

Download(25.6 MB, 10:52)
Alternativer Download für iPod & Apple TV(22.3 MB, 10:52)

 

Resourcen:

 

Quellcode:

[bash]
bundle install
rails g nifty:scaffold authentication user_id:integer provider:string uid:string index create destroy
rake db:migrate
[/bash]

[ruby]
# Gemfile
gem ‚omniauth‘

# models/user.rb
has_many :authentications

# models/authentication.rb
belongs_to :user

# authentications_controller.rb
def index
@authentications = current_user.authentications if current_user
end

def create
auth = request.env["rack.auth"]
current_user.authentications.find_or_create_by_provider_and_uid(auth[‚provider‘], auth[‚uid‘])
flash[:notice] = "Authentication successful."
redirect_to authentications_url
end

def destroy
@authentication = current_user.authentications.find(params[:id])
@authentication.destroy
flash[:notice] = "Successfully destroyed authentication."
redirect_to authentications_url
end
[/ruby]

[html]
<!– authentications/index.html.erb –>
<% title "Sign In" %>

<% if @authentications %>
<% unless @authentications.empty? %>
<p><strong>You can sign in to this account using:</strong></p>
<div class="authentications">
<% for authentication in @authentications %>
<div class="authentication">
<%= image_tag "#{authentication.provider}_32.png", :size => "32×32" %>
<div class="provider"><%= authentication.provider.titleize %></div>
<div class="uid"><%= authentication.uid %></div>
<%= link_to "X", authentication, :confirm => ‚Are you sure you want to remove this authentication option?‘, :method => :delete, :class => "remove" %>
</div>
<% end %>
<div class="clear"></div>
</div>
<% end %>
<p><strong>Add another service to sign in with:</strong></p>
<% else %>
<p><strong>Sign in through one of these services:</strong></p>
<% end %>

<a href="/auth/twitter" class="auth_provider">
<%= image_tag "twitter_64.png", :size => "64×64", :alt => "Twitter" %>
Twitter
</a>
<a href="/auth/facebook" class="auth_provider">
<%= image_tag "facebook_64.png", :size => "64×64", :alt => "Facebook" %>
Facebook
</a>
<a href="/auth/google_apps" class="auth_provider">
<%= image_tag "google_64.png", :size => "64×64", :alt => "Google" %>
Google
</a>
<a href="/auth/open_id" class="auth_provider">
<%= image_tag "openid_64.png", :size => "64×64", :alt => "OpenID" %>
OpenID
</a>
<div class="clear"></div>
[/html]

[css]
// application.css
.authentications {
margin-bottom: 30px;
}

.authentication {
width: 130px;
float: left;
background-color: #EEE;
border: solid 1px #999;
padding: 5px 10px;
-moz-border-radius: 8px;
-webkit-border-radius: 8px;
position: relative;
margin-right: 10px;
}

.authentication .remove {
text-decoration: none;
position: absolute;
top: 3px;
right: 3px;
color: #333;
padding: 2px 4px;
font-size: 10px;
}

.authentication .remove:hover {
color: #CCC;
background-color: #777;
-moz-border-radius: 6px;
-webkit-border-radius: 6px;
}

.authentication img {
float: left;
margin-right: 10px;
}

.authentication .provider {
font-weight: bold;
}

.authentication .uid {
color: #666;
font-size: 11px;
}

.auth_provider img {
display: block;
}

.auth_provider {
float: left;
text-decoration: none;
margin-right: 20px;
text-align: center;
margin-bottom: 10px;
}
[/css]

Screencast: Authentifizierung mit Janrain Engage

Janrain Engage bietet die Möglichkeit die Benutzer eine Seite über einen existierenden Account (Google, Facebook, etc.) anzumelden. Dadurch ist es für neue Benutzer nicht notwendig einen neuen Account auf der jeweiligen Seite anzulegen. Ryan zeigt in diesem Screencast wie Janrain Engage (RPX) in Rails-Applikationen benutzt werden können.

 

Download:

Download(13.5 MB, 6:22)
Alternativer Download für iPod & Apple TV(11.9 MB, 6:22)

 

Resourcen:

 

Quellcode:

[bash]
bundle install
rails g migration add_rpx_to_users rpx_identifier:string
rake db:migrate
[/bash]

[ruby]
# Gemfile
gem ‚devise_rpx_connectable‘

# user.rb
devise …, :rpx_connectable

# config/initializers/devise.rb
config.rpx_application_name = "railscasts"
RPXNow.api_key = "…"
[/ruby]

[html]
<!– layouts/application.html.erb –>
<%= link_to_rpx "Sign in", user_session_url %>

<%= javascript_include_rpx(user_session_url) %>

<!– or near sign up form –>
<%= embed_rpx user_session_url %>
[/html]

Screencast: Devise anpassen

In dieser Woche zeigt Ryan Devise an die eigenen Bedürfnisse angepasst werden kann. Dabei erklärt er auch wie die Views, das Routing, Validations und Authentication funktionieren.

 

Download:

Download (21.6 MB, 7:52)
Alternativer Download für iPod & Apple TV (16.9 MB, 7:52)

 

Resourcen:

 

Quellcode:

[bash]
rails generate devise_views
rails generate migration add_username_to_users username:string
rake db:migrate
rails c
[/bash]

[ruby]
# projects_controller.rb
before_filter :authenticate_user!, :except => [:show, :index]

# routes.rb
devise_for :users, :path_names => { :sign_up => "register" }

# config/initializers/devise.rb
config.authentication_keys = [ :username ]
config.password_length = 4..20
[/ruby]

[html]
<!– devise/sessions/new.html.erb –>
<% title "Sign in" %>

<%= form_for(resource_name, resource, :url => session_path(resource_name)) do |f| %>
<p><%= f.label :username %><br />
<%= f.text_field :username %></p>

<p><%= f.label :password %><br />
<%= f.password_field :password %></p>

<!– … –>
<% end %>
[/html]