Module: Authlogic::Session::Config::ClassMethods
- Defined in:
- lib/authlogic/session/config.rb
Overview
Session Config
This deals with configuration for your session. If you are wanting to configure your model please look at Authlogic::ORMAdapters::ActiveRecord::ActsAsAuthentic
Configuration for your session is simple. The configuration options are just class methods. Just put this in your config/initializers directory
UserSession.configure do |config|
config.authenticate_with = User
# ... more configuration
end
or you can set your configuration in the session class directly:
class UserSession < Authlogic::Session::Base
authenticate_with User
# ... more configuration
end
You can also access the values in the same fashion:
UserSession.authenticate_with
See the methods belows for all configuration options.
Instance Method Summary collapse
-
#authenticate_with(klass) ⇒ Object
(also: #authenticate_with=)
Lets you change which model to use for authentication.
-
#configure {|_self| ... } ⇒ Object
Convenience method that lets you easily set configuration, see examples above.
-
#cookie_key(value = nil) ⇒ Object
(also: #cookie_key=)
The name of the cookie or the key in the cookies hash.
-
#find_by_login_method(value = nil) ⇒ Object
(also: #find_by_login_method=)
Authlogic tries to validate the credentials passed to it.
-
#find_by_openid_method(value = nil) ⇒ Object
(also: #find_by_openid_method=)
Once the user confirms their openid Authlogic tries to find the record with that openod.
-
#find_with(*values) ⇒ Object
(also: #find_with=)
Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth.
-
#last_request_at_threshold(value = nil) ⇒ Object
(also: #last_request_at_threshold=)
Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists.
-
#login_field(value = nil) ⇒ Object
(also: #login_field=)
The name of the method you want Authlogic to create for storing the login / username.
-
#openid_field(value = nil) ⇒ Object
(also: #openid_field=)
The name of the method you want Authlogic to create for storing the openid url.
-
#openid_file_store_path(value = nil) ⇒ Object
(also: #openid_file_store_path=)
The name of the method you want Authlogic to create for storing the openid url.
-
#params_key(value = nil) ⇒ Object
(also: #params_key=)
Works exactly like cookie_key, but for params.
-
#password_field(value = nil) ⇒ Object
(also: #password_field=)
Works exactly like login_field, but for the password instead.
-
#remember_me(value = nil) ⇒ Object
(also: #remember_me=)
If sessions should be remembered by default or not.
-
#remember_me_for(value = :_read) ⇒ Object
(also: #remember_me_for=)
The length of time until the cookie expires.
-
#remember_token_field(value = nil) ⇒ Object
(also: #remember_token_field=)
The name of the field that the remember token is stored.
-
#session_key(value = nil) ⇒ Object
(also: #session_key=)
Works exactly like cookie_key, but for sessions.
-
#verify_password_method(value = nil) ⇒ Object
(also: #verify_password_method=)
The name of the method in your model used to verify the password.
Instance Method Details
#authenticate_with(klass) ⇒ Object Also known as: authenticate_with=
Lets you change which model to use for authentication.
-
Default:
inferred from the class name. UserSession would automatically try User -
Accepts:
an ActiveRecord class
37 38 39 40 |
# File 'lib/authlogic/session/config.rb', line 37 def authenticate_with(klass) @klass_name = klass.name @klass = klass end |
#configure {|_self| ... } ⇒ Object
Convenience method that lets you easily set configuration, see examples above
44 45 46 |
# File 'lib/authlogic/session/config.rb', line 44 def configure yield self end |
#cookie_key(value = nil) ⇒ Object Also known as:
The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems. Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
session = UserSession.new
session. => "user_credentials"
session = UserSession.new(:super_high_secret)
session. => "super_high_secret_user_credentials"
-
Default:
“#Authlogic::Session::Config::ClassMethods.klass_nameklass_name.underscore_credentials” -
Accepts:
String
59 60 61 62 63 64 65 |
# File 'lib/authlogic/session/config.rb', line 59 def (value = nil) if value.nil? read_inheritable_attribute(:cookie_key) || ("#{klass_name.underscore}_credentials") else write_inheritable_attribute(:cookie_key, value) end end |
#find_by_login_method(value = nil) ⇒ Object Also known as: find_by_login_method=
Authlogic tries to validate the credentials passed to it. One part of validation is actually finding the user and making sure it exists. What method it uses the do this is up to you.
Let’s say you have a UserSession that is authenticating a User. By default UserSession will call User.find_by_login(login). You can change what method UserSession calls by specifying it here. Then in your User model you can make that method do anything you want, giving you complete control of how users are found by the UserSession.
Let’s take an example: You want to allow users to login by username or email. Set this to the name of the class method that does this in the User model. Let’s call it “find_by_username_or_email”
class User < ActiveRecord::Base
def self.find_by_username_or_email(login)
find_by_username(login) || find_by_email(login)
end
end
-
Default:
“find_by_##login_field” -
Accepts:
Symbol or String
83 84 85 86 87 88 89 |
# File 'lib/authlogic/session/config.rb', line 83 def find_by_login_method(value = nil) if value.nil? read_inheritable_attribute(:find_by_login_method) || find_by_login_method("find_by_#{login_field}") else write_inheritable_attribute(:find_by_login_method, value) end end |
#find_by_openid_method(value = nil) ⇒ Object Also known as: find_by_openid_method=
Once the user confirms their openid Authlogic tries to find the record with that openod. This is the method it called on the record’s class to find the record by the openid.
-
Default:
“find_by_##openid_field” -
Accepts:
Symbol or String
97 98 99 100 101 102 103 |
# File 'lib/authlogic/session/config.rb', line 97 def find_by_openid_method(value = nil) if value.nil? read_inheritable_attribute(:find_by_openid_method) || find_by_openid_method("find_by_#{openid_field}") else write_inheritable_attribute(:find_by_openid_method, value) end end |
#find_with(*values) ⇒ Object Also known as: find_with=
Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth. This option allows you to change the order or remove any of these.
-
Default:
[:session, :cookie, :params, :http_auth] -
Accepts:
Array, and can only use any of the 3 options above
111 112 113 114 115 116 117 118 |
# File 'lib/authlogic/session/config.rb', line 111 def find_with(*values) if values.blank? read_inheritable_attribute(:find_with) || find_with(:session, :cookie, :params, :http_auth) else values.flatten! write_inheritable_attribute(:find_with, values) end end |
#last_request_at_threshold(value = nil) ⇒ Object Also known as: last_request_at_threshold=
Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists. If you want to limit how frequent that field is updated specify the threshold here. For example, if your user is making a request every 5 seconds, and you feel this is too frequent, and feel a minute is a good threashold. Set this to 1.minute. Once a minute has passed in between requests the field will be updated.
-
Default:
0 -
Accepts:
integer representing time in seconds
127 128 129 130 131 132 133 |
# File 'lib/authlogic/session/config.rb', line 127 def last_request_at_threshold(value = nil) if value.nil? read_inheritable_attribute(:last_request_at_threshold) || last_request_at_threshold(0) else write_inheritable_attribute(:last_request_at_threshold, value) end end |
#login_field(value = nil) ⇒ Object Also known as: login_field=
The name of the method you want Authlogic to create for storing the login / username. Keep in mind this is just for your Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to login with a field called “login” and then find users by email this is compeltely doable. See the find_by_login_method configuration option for more details.
-
Default:
Guesses based on the model columns, tries login, username, and email. If none are present it defaults to login -
Accepts:
Symbol or String
143 144 145 146 147 148 149 |
# File 'lib/authlogic/session/config.rb', line 143 def login_field(value = nil) if value.nil? read_inheritable_attribute(:login_field) || login_field(klass.login_field) else write_inheritable_attribute(:login_field, value) end end |
#openid_field(value = nil) ⇒ Object Also known as: openid_field=
The name of the method you want Authlogic to create for storing the openid url. Keep in mind this is just for your Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to login with a field called “openid_url” and then find users by openid this is compeltely doable. See the find_by_openid_method configuration option for more details.
-
Default:
Guesses based on the model columns, tries openid, openid_url, identity_url. -
Accepts:
Symbol or String
159 160 161 162 163 164 165 |
# File 'lib/authlogic/session/config.rb', line 159 def openid_field(value = nil) if value.nil? read_inheritable_attribute(:openid_field) || openid_field((klass.column_names.include?("openid") && :openid) || (klass.column_names.include?("openid_url") && :openid_url) || (klass.column_names.include?("identity_url") && :identity_url)) else write_inheritable_attribute(:openid_field, value) end end |
#openid_file_store_path(value = nil) ⇒ Object Also known as: openid_file_store_path=
The name of the method you want Authlogic to create for storing the openid url. Keep in mind this is just for your Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to login with a field called “openid_url” and then find users by openid this is compeltely doable. See the find_by_openid_method configuration option for more details.
-
Default:
Guesses based on the model columns, tries openid, openid_url, identity_url. -
Accepts:
Symbol or String
175 176 177 178 179 180 181 |
# File 'lib/authlogic/session/config.rb', line 175 def openid_file_store_path(value = nil) if value.nil? read_inheritable_attribute(:openid_file_store_path) || openid_file_store_path((defined?(RAILS_ROOT) && RAILS_ROOT + "/tmp/openids") || (defined?(Merb) && Merb.root + "/tmp/openids")) else write_inheritable_attribute(:openid_file_store_path, value) end end |
#params_key(value = nil) ⇒ Object Also known as: params_key=
Works exactly like cookie_key, but for params. So a user can login via params just like a cookie or a session. Your URK would look like:
http://www.domain.com?user_credentials=fdsfdfd32jfksdjfdksl
You can change the “user_credentials” key above with this configuration option. Keep in mind, just like cookie_key, if you supply an id the id will be appended to the front.
-
Default:
cookie_key -
Accepts:
String
193 194 195 196 197 198 199 |
# File 'lib/authlogic/session/config.rb', line 193 def params_key(value = nil) if value.nil? read_inheritable_attribute(:params_key) || params_key() else write_inheritable_attribute(:params_key, value) end end |
#password_field(value = nil) ⇒ Object Also known as: password_field=
Works exactly like login_field, but for the password instead.
-
Default:
Guesses based on the model columns, tries password and pass. If none are present it defaults to password -
Accepts:
Symbol or String
206 207 208 209 210 211 212 |
# File 'lib/authlogic/session/config.rb', line 206 def password_field(value = nil) if value.nil? read_inheritable_attribute(:password_field) || password_field(klass.password_field) else write_inheritable_attribute(:password_field, value) end end |
#remember_me(value = nil) ⇒ Object Also known as: remember_me=
If sessions should be remembered by default or not.
-
Default:
false -
Accepts:
Boolean
219 220 221 222 223 224 225 |
# File 'lib/authlogic/session/config.rb', line 219 def remember_me(value = nil) if value.nil? read_inheritable_attribute(:remember_me) else write_inheritable_attribute(:remember_me, value) end end |
#remember_me_for(value = :_read) ⇒ Object Also known as: remember_me_for=
The length of time until the cookie expires.
-
Default:
3.months -
Accepts:
Integer, length of time in seconds, such as 60 or 3.months
232 233 234 235 236 237 238 |
# File 'lib/authlogic/session/config.rb', line 232 def remember_me_for(value = :_read) if value == :_read read_inheritable_attribute(:remember_me_for) || remember_me_for(3.months) else write_inheritable_attribute(:remember_me_for, value) end end |
#remember_token_field(value = nil) ⇒ Object Also known as: remember_token_field=
The name of the field that the remember token is stored. This is for cookies. Let’s say you set up your app and want all users to be remembered for 6 months. Then you realize that might be a little too long. Well they already have a cookie set to expire in 6 months. Without a token you would have to reset their password, which obviously isn’t feasible. So instead of messing with their password just reset their remember token. Next time they access the site and try to login via a cookie it will be rejected and they will have to relogin.
-
Default:
Guesses based on the model columns, tries remember_token, remember_key, cookie_token, and cookie_key. If none are present it defaults to remember_token -
Accepts:
Symbol or String
247 248 249 250 251 252 253 |
# File 'lib/authlogic/session/config.rb', line 247 def remember_token_field(value = nil) if value.nil? read_inheritable_attribute(:remember_token_field) || remember_token_field(klass.remember_token_field) else write_inheritable_attribute(:remember_token_field, value) end end |
#session_key(value = nil) ⇒ Object Also known as: session_key=
Works exactly like cookie_key, but for sessions. See cookie_key for more info.
-
Default:
cookie_key -
Accepts:
Symbol or String
260 261 262 263 264 265 266 |
# File 'lib/authlogic/session/config.rb', line 260 def session_key(value = nil) if value.nil? read_inheritable_attribute(:session_key) || session_key() else write_inheritable_attribute(:session_key, value) end end |
#verify_password_method(value = nil) ⇒ Object Also known as: verify_password_method=
The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password.
-
Default:
“valid_##password_field?” -
Accepts:
Symbol or String
273 274 275 276 277 278 279 |
# File 'lib/authlogic/session/config.rb', line 273 def verify_password_method(value = nil) if value.nil? read_inheritable_attribute(:verify_password_method) || verify_password_method("valid_#{password_field}?") else write_inheritable_attribute(:verify_password_method, value) end end |