Module: Authlogic::Session::Config::ClassMethods

Defined in:
lib/authlogic/session/config.rb

Overview

Session Config

This deals with configuration for your session. If you are wanting to configure your model please look at Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Config

Configuration for your session is simple. The configuration options are just class methods. Just put this in your config/initializers directory

UserSession.configure do |config|
  config.authenticate_with = User
  # ... more configuration
end

or you can set your configuration in the session class directly:

class UserSession < Authlogic::Session::Base
  authenticate_with User
  # ... more configuration
end

You can also access the values in the same fashion:

UserSession.authenticate_with

See the methods belows for all configuration options.

Instance Method Summary collapse

Instance Method Details

#authenticate_with(klass) ⇒ Object Also known as: authenticate_with=

Lets you change which model to use for authentication.

  • Default: inferred from the class name. UserSession would automatically try User

  • Accepts: an ActiveRecord class


37
38
39
40
# File 'lib/authlogic/session/config.rb', line 37

def authenticate_with(klass)
  @klass_name = klass.name
  @klass = klass
end

#configure {|_self| ... } ⇒ Object

Convenience method that lets you easily set configuration, see examples above

Yields:

  • (_self)

Yield Parameters:


44
45
46
# File 'lib/authlogic/session/config.rb', line 44

def configure
  yield self
end

The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems. Also, if a id is set it will be inserted into the beginning of the string. Exmaple:

session = UserSession.new
session.cookie_key => "user_credentials"

session = UserSession.new(:super_high_secret)
session.cookie_key => "super_high_secret_user_credentials"
  • Default: “#Authlogic::Session::Config::ClassMethods.klass_nameklass_name.underscore_credentials”

  • Accepts: String


59
60
61
62
63
64
65
# File 'lib/authlogic/session/config.rb', line 59

def cookie_key(value = nil)
  if value.nil?
    read_inheritable_attribute(:cookie_key) || cookie_key("#{klass_name.underscore}_credentials")
  else
    write_inheritable_attribute(:cookie_key, value)
  end
end

#find_by_login_method(value = nil) ⇒ Object Also known as: find_by_login_method=

Authlogic tries to validate the credentials passed to it. One part of validation is actually finding the user and making sure it exists. What method it uses the do this is up to you.

Let's say you have a UserSession that is authenticating a User. By default UserSession will call User.find_by_login(login). You can change what method UserSession calls by specifying it here. Then in your User model you can make that method do anything you want, giving you complete control of how users are found by the UserSession.

Let's take an example: You want to allow users to login by username or email. Set this to the name of the class method that does this in the User model. Let's call it “find_by_username_or_email”

class User < ActiveRecord::Base
  def self.find_by_username_or_email()
    find_by_username() || find_by_email()
  end
end
  • Default: “find_by_##login_field

  • Accepts: Symbol or String


83
84
85
86
87
88
89
# File 'lib/authlogic/session/config.rb', line 83

def (value = nil)
  if value.nil?
    read_inheritable_attribute(:find_by_login_method) || ("find_by_#{}")
  else
    write_inheritable_attribute(:find_by_login_method, value)
  end
end

#find_with(*values) ⇒ Object Also known as: find_with=

Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth. This option allows you to change the order or remove any of these.

  • Default: [:params, :session, :cookie, :http_auth]

  • Accepts: Array, and can only use any of the 3 options above


97
98
99
100
101
102
103
104
# File 'lib/authlogic/session/config.rb', line 97

def find_with(*values)
  if values.blank?
    read_inheritable_attribute(:find_with) || find_with(:params, :session, :cookie, :http_auth)
  else
    values.flatten!
    write_inheritable_attribute(:find_with, values)
  end
end

#last_request_at_threshold(value = nil) ⇒ Object Also known as: last_request_at_threshold=

Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists. If you want to limit how frequent that field is updated specify the threshold here. For example, if your user is making a request every 5 seconds, and you feel this is too frequent, and feel a minute is a good threashold. Set this to 1.minute. Once a minute has passed in between requests the field will be updated.

  • Default: 0

  • Accepts: integer representing time in seconds


113
114
115
116
117
118
119
# File 'lib/authlogic/session/config.rb', line 113

def last_request_at_threshold(value = nil)
  if value.nil?
    read_inheritable_attribute(:last_request_at_threshold) || last_request_at_threshold(0)
  else
    write_inheritable_attribute(:last_request_at_threshold, value)
  end
end

#login_blank_message(value = nil) ⇒ Object Also known as: login_blank_message=

The error message used when the login is left blank.

  • Default: “can not be blank”

  • Accepts: String


126
127
128
129
130
131
132
# File 'lib/authlogic/session/config.rb', line 126

def (value = nil)
  if value.nil?
    read_inheritable_attribute(:login_blank_message) || ("can not be blank")
  else
    write_inheritable_attribute(:login_blank_message, value)
  end
end

#login_field(value = nil) ⇒ Object Also known as: login_field=

The name of the method you want Authlogic to create for storing the login / username. Keep in mind this is just for your Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to login with a field called “login” and then find users by email this is compeltely doable. See the find_by_login_method configuration option for more details.


155
156
157
158
159
160
161
# File 'lib/authlogic/session/config.rb', line 155

def (value = nil)
  if value.nil?
    read_inheritable_attribute(:login_field) || (klass.acts_as_authentic_config[:login_field])
  else
    write_inheritable_attribute(:login_field, value)
  end
end

#login_not_found_message(value = nil) ⇒ Object Also known as: login_not_found_message=

The error message used when the login could not be found in the database.

  • Default: “does not exist”

  • Accepts: String


139
140
141
142
143
144
145
# File 'lib/authlogic/session/config.rb', line 139

def (value = nil)
  if value.nil?
    read_inheritable_attribute(:login_not_found_message) || ("does not exist")
  else
    write_inheritable_attribute(:login_not_found_message, value)
  end
end

#not_active_message(value = nil) ⇒ Object Also known as: not_active_message=

The error message used when the record returns false to active?

  • Default: “Your account is not active”

  • Accepts: String


168
169
170
171
172
173
174
# File 'lib/authlogic/session/config.rb', line 168

def not_active_message(value = nil)
  if value.nil?
    read_inheritable_attribute(:not_active_message) || not_active_message("Your account is not active")
  else
    write_inheritable_attribute(:not_active_message, value)
  end
end

#not_approved_message(value = nil) ⇒ Object Also known as: not_approved_message=

The error message used when the record returns false to approved?

  • Default: “Your account is not approved”

  • Accepts: String


181
182
183
184
185
186
187
# File 'lib/authlogic/session/config.rb', line 181

def not_approved_message(value = nil)
  if value.nil?
    read_inheritable_attribute(:not_approved_message) || not_approved_message("Your account is not approved")
  else
    write_inheritable_attribute(:not_approved_message, value)
  end
end

#not_confirmed_message(value = nil) ⇒ Object Also known as: not_confirmed_message=

The error message used when the record returns false to confirmed?

  • Default: “Your account is not confirmed”

  • Accepts: String


194
195
196
197
198
199
200
# File 'lib/authlogic/session/config.rb', line 194

def not_confirmed_message(value = nil)
  if value.nil?
    read_inheritable_attribute(:not_confirmed_message) || not_confirmed_message("Your account is not confirmed")
  else
    write_inheritable_attribute(:not_confirmed_message, value)
  end
end

#params_key(value = nil) ⇒ Object Also known as: params_key=

Works exactly like cookie_key, but for params. So a user can login via params just like a cookie or a session. Your URL would look like:

http://www.domain.com?user_credentials=my_single_access_key

You can change the “user_credentials” key above with this configuration option. Keep in mind, just like cookie_key, if you supply an id the id will be appended to the front. Check out cookie_key for more details. Also checkout the “Single Access / Private Feeds Access” section in the README.

  • Default: cookie_key

  • Accepts: String


212
213
214
215
216
217
218
# File 'lib/authlogic/session/config.rb', line 212

def params_key(value = nil)
  if value.nil?
    read_inheritable_attribute(:params_key) || params_key(cookie_key)
  else
    write_inheritable_attribute(:params_key, value)
  end
end

#password_blank_message(value = nil) ⇒ Object Also known as: password_blank_message=

The error message used when the password is left blank.

  • Default: “can not be blank”

  • Accepts: String


225
226
227
228
229
230
231
# File 'lib/authlogic/session/config.rb', line 225

def password_blank_message(value = nil)
  if value.nil?
    read_inheritable_attribute(:password_blank_message) || password_blank_message("can not be blank")
  else
    write_inheritable_attribute(:password_blank_message, value)
  end
end

#password_field(value = nil) ⇒ Object Also known as: password_field=

Works exactly like login_field, but for the password instead.

  • Default: :password

  • Accepts: Symbol or String


238
239
240
241
242
243
244
# File 'lib/authlogic/session/config.rb', line 238

def password_field(value = nil)
  if value.nil?
    read_inheritable_attribute(:password_field) || password_field(:password)
  else
    write_inheritable_attribute(:password_field, value)
  end
end

#password_invalid_message(value = nil) ⇒ Object Also known as: password_invalid_message=

The error message used when the password is invalid.

  • Default: “is invalid”

  • Accepts: String


251
252
253
254
255
256
257
# File 'lib/authlogic/session/config.rb', line 251

def password_invalid_message(value = nil)
  if value.nil?
    read_inheritable_attribute(:password_invalid_message) || password_invalid_message("is invalid")
  else
    write_inheritable_attribute(:password_invalid_message, value)
  end
end

#remember_me(value = nil) ⇒ Object Also known as: remember_me=

If sessions should be remembered by default or not.

  • Default: false

  • Accepts: Boolean


264
265
266
267
268
269
270
# File 'lib/authlogic/session/config.rb', line 264

def remember_me(value = nil)
  if value.nil?
    read_inheritable_attribute(:remember_me)
  else
    write_inheritable_attribute(:remember_me, value)
  end
end

#remember_me_for(value = :_read) ⇒ Object Also known as: remember_me_for=

The length of time until the cookie expires.

  • Default: 3.months

  • Accepts: Integer, length of time in seconds, such as 60 or 3.months


277
278
279
280
281
282
283
# File 'lib/authlogic/session/config.rb', line 277

def remember_me_for(value = :_read)
  if value == :_read
    read_inheritable_attribute(:remember_me_for) || remember_me_for(3.months)
  else
    write_inheritable_attribute(:remember_me_for, value)
  end
end

#session_key(value = nil) ⇒ Object Also known as: session_key=

Works exactly like cookie_key, but for sessions. See cookie_key for more info.

  • Default: cookie_key

  • Accepts: Symbol or String


290
291
292
293
294
295
296
# File 'lib/authlogic/session/config.rb', line 290

def session_key(value = nil)
  if value.nil?
    read_inheritable_attribute(:session_key) || session_key(cookie_key)
  else
    write_inheritable_attribute(:session_key, value)
  end
end

#single_access_allowed_request_types(*values) ⇒ Object Also known as: single_access_allowed_request_types=

Authentication is allowed via a single access token, but maybe this is something you don't want for your application as a whole. Maybe this is something you only want for specific request types. Specify a list of allowed request types and single access authentication will only be allowed for the ones you specify. Checkout the “Single Access / Private Feeds Access” section in the README.

  • Default: “application/rss+xml”, “application/atom+xml”

  • Accepts: String, or :all to allow single access authentication for any and all request types


304
305
306
307
308
309
310
# File 'lib/authlogic/session/config.rb', line 304

def single_access_allowed_request_types(*values)
  if values.blank?
    read_inheritable_attribute(:single_access_allowed_request_types) || single_access_allowed_request_types("application/rss+xml", "application/atom+xml")
  else
    write_inheritable_attribute(:single_access_allowed_request_types, values)
  end
end

#verify_password_method(value = nil) ⇒ Object Also known as: verify_password_method=

The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password.


317
318
319
320
321
322
323
# File 'lib/authlogic/session/config.rb', line 317

def verify_password_method(value = nil)
  if value.nil?
    read_inheritable_attribute(:verify_password_method) || verify_password_method("valid_#{password_field}?")
  else
    write_inheritable_attribute(:verify_password_method, value)
  end
end