Module: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic

Defined in:
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb

Overview

Acts As Authentic

Provides the acts_as_authentic method to include in your models to help with authentication. See method below.

Instance Method Summary

Instance Method Details

#acts_as_authentic(options = {}) ⇒ Object

Call this method in your model to add in basic authentication madness that your authlogic session expects.

Methods

For example purposes, let's assume you have a User model.

Class method name           Description
User.crypto_provider        The class that you set in your :crypto_provider option
User.forget_all!            Finds all records, loops through them, and calls forget! on each record. This is paginated to save on memory.
User.unique_token           Returns a unique token generated by your :crypto_provider

Named Scopes
User.logged_in              Find all users who are logged in, based on your :logged_in_timeout option.
User.logged_out             Same as above, but logged out.

Instance method name
user.password=              Method name based on the :password_field option. This is used to set the password. Pass the *raw* password to this.
user.confirm_password=      Confirms the password, needed to change the password.
user.valid_password?(pass)  Determines if the password passed is valid. The password could be encrypted or raw.
user.reset_password         Resets the password to a random password using only letters and numbers.
user.reset_password!        The same as reset_password but saves the record.
user.logged_in?             Based on the :logged_in_timeout option. Tells you if the user is logged in or not.
user.forget!                Changes their remember token, making their cookie and session invalid. A way to log the user out without changing their password.

Options

  • session_class: default: “#{name}Session”, This is the related session class. A lot of the configuration will be based off of the configuration values of this class.

  • crypto_provider: default: Authlogic::CryptoProviders::Sha512, This is the class that provides your encryption. By default Authlogic provides its own crypto provider that uses Sha512 encryption.

  • login_field: default: options.login_field, The name of the field used for logging in. This is guessed based on what columns are in your db. Only specify it if you aren’t using: login, username, or email

  • login_field_type: default: options == :email ? :email : :login, Tells authlogic how to validate the field, what regex to use, etc. If the field name is email it will automatically use email, otherwise it uses login.

  • login_field_regex: default: if email then typical email regex, otherwise typical login regex. This is used in validates_format_of for the login_field.

  • login_field_regex_message: the message to use when the validates_format_of for the login field fails.

  • password_field: default: options.password_field, This is the name of the field used to set the password, NOT the field where the encrypted password is stored.

  • crypted_password_field: default: depends on which columns are present, The name of the database field where your encrypted password is stored. If the name of the field is different from any of the following you need to specify it with this option: crypted_password, encrypted_password, password_hash, pw_hash

  • password_salt_field: default: depends on which columns are present, This is the name of the field in your database that stores your password salt. If the name of the field is different from any of the following then you need to specify it with this option: password_salt, pw_salt, salt

  • remember_token_field: default: options.remember_token_field, This is the name of the field where your remember_token is stored. The remember token is a unique token that is stored in the user’s cookie and session. This way you have complete control of when sessions expire and you don’t have to change passwords to expire sessions. This also ensures that stale sessions cannot be persisted. By stale, I mean sessions that are logged in using an outdated password. If the name of the field is anything other than the following you need to specify it with this option: remember_token, remember_key, cookie_token, cookie_key

  • scope: default: nil, This scopes validations. If all of your users belong to an account you might want to scope everything to the account. Just pass :account_id

  • logged_in_timeout: default: 10.minutes, This is really just a nifty feature to tell if a user is logged in or not. It’s based on activity. So if the user is inactive longer than the value you pass here they are assumed “logged out”.

  • session_ids: default: [nil], The sessions that we want to automatically reset when a user is created or updated so you don’t have to worry about this. Set to [] to disable. Should be an array of ids. See the Authlogic::Session documentation for information on ids. The order is important. The first id should be your main session, the session they need to log into first. This is generally nil. When you don’t specify an id in your session you are really just implicitly saying you want to use the id of nil.
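
The remember-token behaviour described under remember_token_field, forget! and logged_in_timeout, as an added plain-Ruby sketch that is not Authlogic's code. DemoUser, session_valid? and password_changed! are hypothetical names, and rotating the token on a password change is an assumption drawn from the "stale sessions" remark above.

```ruby
require 'securerandom'

# Plain-Ruby stand-in for a model with a remember_token column.
# Hypothetical class for illustration; it does not use or reproduce Authlogic.
class DemoUser
  LOGGED_IN_TIMEOUT = 10 * 60 # seconds, mirrors the documented 10.minutes default

  attr_reader :remember_token, :last_request_at

  def initialize
    rotate_token
  end

  # Same idea as forget!: a new token makes every cookie or session that
  # still carries the old one fail validation, without touching the password.
  def forget!
    rotate_token
  end

  # Assumption: a password change rotates the token too, so sessions opened
  # under the outdated password ("stale" sessions) stop validating.
  def password_changed!
    rotate_token
  end

  # The check that gates access: the token presented by the cookie or
  # session must equal the stored one. Records activity on success.
  def session_valid?(presented_token, now: Time.now)
    return false unless secure_equal?(presented_token.to_s, @remember_token)
    @last_request_at = now
    true
  end

  # Activity-based hint, like :logged_in_timeout. It says nothing about
  # whether a given cookie is still valid; session_valid? decides that.
  def logged_in?(now: Time.now)
    !@last_request_at.nil? && (now - @last_request_at) <= LOGGED_IN_TIMEOUT
  end

  private

  def rotate_token
    @remember_token = SecureRandom.hex(32) # 256 bits from the OS CSPRNG
  end

  # Constant-time comparison so the position of a mismatch is not leaked.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end
```

In this sketch a cookie captured before forget! is rejected immediately, while logged_in? keeps answering from the last recorded activity until the timeout passes, which is why it should not be used as an authorization check.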



# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb', line 81

def acts_as_authentic(options = {})
  # All logic for this method is split up into sub modules. This is a stub to create a method chain off of and provide documentation.
end