Repository is archived
No commit activity in last 3 years
No release in over 3 years
Rails Engine to provide authentication for Thincloud applications
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

~> 1.1.3
~> 3.2.13
 Project Readme

Thincloud::Authentication

Build Status Code Climate

Description

A Rails Engine to provide authentication for Thincloud applications.

Requirements

This gem requires Rails 3.2+ and has been tested on the following versions:

  • 3.2

This gem has been tested against the following Ruby versions:

  • MRI 1.9.2
  • MRI 1.9.3
  • MRI 2.0.0
  • JRuby 1.6+ (with JRUBY_OPTS=--1.9)
  • Rubinius 2.0.0dev (with RBXOPT=-X19)

This gem has been tested against the following database versions:

  • MySQL 5.0, 5.5
  • PostgreSQL 9.1, 9.2
  • SQLite 3

Installation

Add this line to your application's Gemfile:

gem "thincloud-authentication"
  • Run bundle
  • Copy the migrations and prepare your databases:
$ rake thincloud_authentication:install:migrations db:migrate db:test:prepare
  • Mount the engine in your config/routes.rb file:
mount Thincloud::Authentication::Engine => "/auth", as: "auth_engine"

Using the example above, you may now login or signup at http://lvh.me:3000/auth.

Prerequisites

The following must be true for thincloud-authentication to operate properly:

  • A root_url must be defined in config/routes.rb
  • A User model must exist

Configuration

The Thincloud::Authentication module accepts a configure block with options to customize the engine behavior.

Layouts

Set the layout option to customize the layout used by all thincloud-authentication views:

Thincloud::Authentication.configure do |config|
  config.layout = "other"
end

Mailers

Set the mailer_sender option to customize the "From" address of the emails sent from the system:

Thincloud::Authentication.configure do |config|
  config.mailer_sender = "app@example.com"
end

Cookies

Set the cookie_options option to customize the options that get passed to the authentication cookies:

Thincloud::Authentication.configure do |config|
  config.cookie_options = { secure: true, domain: :all }
end

Additional provider strategies

  • Require the omniauth-#{provider} gem before the thincloud-authentication gem in the Gemfile:
gem "omniauth-linkedin"
gem "omniauth-stripe-connect"
gem "thincloud-authentication"
  • Add a key to the providers hash with the name of the strategy, followed by additional options for require, scopes and fields as needed. Additionally, you will need to provide environment variables (prefixed with the provider name), with the consumer_key and consumer_secret values from your OAuth provider.

To enable the LinkedIn and Stripe Connect providers:

  • Provide values for following environment variables:
    • ENV["LINKEDIN_CONSUMER_KEY"]
    • ENV["LINKEDIN_CONSUMER_SECRET"]
    • ENV["STRIPE_CONNECT_CONSUMER_KEY"]
    • ENV["STRIPE_CONNECT_CONSUMER_SECRET"]
  • Add the file config/initializers/thincloud_authentication.rb with the following contents:
Thincloud::Authentication.configure do |config|
  config.providers = {
    linkedin: {
      scopes: "r_emailaddress r_basicprofile",
      fields: ["id", "email-address", "first-name", "last-name", "headline",
               "industry", "picture-url", "location", "public-profile-url"]
    },
    stripe_connect: {
      require: "omniauth-stripe-connect",
      scopes: "read_write"
    }
  }
end

Vanity Routes

If you want to customize the routes (remove the /auth prefix), you may add the following to your config/routes.rb file:

get "signup", to: "thincloud/authentication/registrations#new", as: "signup"
get "login", to: "thincloud/authentication/sessions#new", as: "login"
delete "logout", to: "thincloud/authentication/sessions#destroy", as: "logout"

Using the example above, you will have the following routes locally:

  • signup_url points to "/signup"
  • login_url points to "/login"
  • logout_url points to "/logout" - Make sure to use the delete method to logout.

Redirection

You can customize the paths used to redirect users after login, logout, registration and email verification by overriding the corresponding methods in your ApplicationController, or specific controllers, as needed.

  • after_login_path is used after the user logs in.
  • after_logout_path is used after the user logs out.
  • after_registration_path is used after the user registers.
  • after_verification_path is used after the user verifies their email.
  • after_password_update_path is used after the user updates their password.

Working with Identities

Thincloud Authentication provides a few service objects to assist with creating and updating Identities:

  • CreateInvitationForUser.call(user, name: "Test Name", email: "test@test.com") is used to create a new Identity for a user and send an email with an invitation URL which allows the user to choose a password.
  • UpdateIdentityPassword.call(identity, password: "s3kr1tz!", password_confirmation: "s3kr1tz!") is used to update the password for an existing Identity.

Both of the methods above will return true or false.

TODO

  • Add multiple, configurable strategy options
  • Add a configuration option to customize the mailers

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a Pull Request

License