File: README — Documentation for lra

Installation

Add this line to your application's Gemfile:

gem 'lra_client'

And then execute the following to setup:

$ bundle install
$ bundle exec rake lra_client:install:migrations
$ bundle exec rake db:migrate

To configure the client, add a new initializer to your project with the following:

LraClient.app_id = [your app ID]
LraClient.key = '[your app key]'
LraClient.domain_namespace = 'https://my.website.com/[mountpoint]'
LraClient.login_completion_url = '[where to redirect after login attempt]'

Finally, mount the engine into your config/routes.rb file:

mount LraClient::Engine, at: '[mountpoint]'

(A good example mountpoint for the above might be simply /lra)

Usage

Assuming you have mounted the engine at /lra, direct your users to /lra/login in order to start the login process. After a login attempt, your user will be redirected back to the endpoint you have specified by LraClient.login_completion_url. If the login was successful, a record in the lra_client_users table will have been created with some basic details. In addition, two session variables will have been set to identify the user:

session[:current_user_id] # the ID of a LraClient::User
session[:current_user_type] # always set to the string "LraClient::User"

At any point, you can validate that the current user has a valid LRA session by calling LraClient.validate_session(session). The LraClient::User object will be returned if the session is valid, and nil otherwise. This can be used to restrict access to pages by doing something similar to:

before_filter :validate_session

def validate_session
  @current_user = LraClient.validate_session(session)
  return true if @current_user.present?
  redirect_to '/lra/login'
  false
end