Project

janus

0.01
No commit activity in last 3 years
No release in over 3 years
There's a lot of open issues
Authentication engine for Ruby on Rails
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 0
>= 3.0.0
>= 0

Runtime

 Project Readme

Janus¶ ↑

Janus is an authentication engine for Ruby on Rails 3+ to painlessly handle users in your apps. It comes with everything needed, from the migrations to the controllers, plus some different strategies to keep user signed in.

Janus also tries to be somewhat compatible with Devise’s API and conventions, because there was no reason to change it completely. Thought there are some differences, like controllers and views being required in your apps, and emails being sent from the controllers and never from the models.

Features¶ ↑

  • full auth system with strategies and hooks;

  • scoped auth for parallel authentications (like users, admin_users, etc.);

  • abstract controllers and mailer ready to use;

  • generators to have everything generated automatically;

  • use only what you need at anytime.

As for the strategies and hooks:

Getting Started¶ ↑

First add the janus gem to your Gemfile, then run bundle to install it:

gem 'janus'
gem 'bcrypt'
# gem 'scrypt'

You also need either the bcrypt or scrypt gems, depending on which library you want to use to encrypt the passwords. Janus uses bcrypt by default, to be compatible with Devise, but you may prefer scrypt, which is stronger.

Run the janus:install generator to setup janus in your app:

$ rails generate janus:install

If you are running Rails 4.1+ you must add a secret_pepper to your config/secrets.yml file after generating a secure token with rake secret:

# config/secrets.yml
development:
  secret_key_base: "..."
  secret_pepper: "..."
test:
  secret_key_base: "..."
  secret_pepper: "..."
production:
  secret_key_base: ENV["SECRET_KEY_BASE"]
  secret_pepper: ENV["SECRET_PEPPER"]

If you are running a previous version of Rails, then you should edit config/initializers/janus.rb to use an environment variable instead of the generated token.

Then create your first authenticatable resource, let’s say User:

$ rails generate janus:resource user

You may notice that Janus also generates all the controllers and views. This is because you will eventually need those to customize some behavior and having them around from the beginning is great.

You may run the routes rake task, to see what routes were added by Janus.

Helpers & Filters¶ ↑

- authenticate_user!
- user_signed_in?
- current_user

Strategies¶ ↑

You may customize the strategies for the janus:resource generator, like an AdminUser that may only be created and managed from the console:

$ rails generate janus:resource AdminUser session password remember

Here is the list of all the current strategies:

  • session — get users signed in and out (email/password combinaison)

  • remember — keep users signed in across sessions

  • registration — get users registered

  • confirmation — emails may be confirmed after registration

  • password — reset password (using an email exchanged token)

  • track — track current and previous user’s sign in date and IP

  • remote — keeps users signed in different top level domains

  • token — get users signed in (with an unique token)

TODO¶ ↑

  • Reconfirmable when email changes.

  • Rememberable across top level domains.

  • Omniauthable (or shall we let the user do it himself?)

  • Providing an OAuth 1.0 service whould be cool.

License¶ ↑

Janus is distributed under the MIT-License.

Credits¶ ↑

Most of the API and some code like password encryption is copied from Devise: github.com/plataformatec/devise.git and Warden: github.com/hassox/warden

  • Julien Portalier <julien@portalier.com>