English 中文(简体)
Authenticating against a remote service using Authlogic
原标题:

I need to allow users to login to spree using a non-standard authentication service. Users in my community all have accounts on another 3d party service set up for us. That service provides a web-service that takes a login and password, and returns a userId if successful. As an admin I can then query for user profile information.

I ve been imagining that when a user attempts to log in, I run their credentials against the remote service, and if successful, store the username and then retrieve the profile information and push that into the db (name, address, etc...). Is that the right approach? How would I even do that?

最佳回答

Although I have not used spree, if this involves Authlogic (as your subject line suggests) then you can write you own method to validate users, instead of relying on Authlogic to validate against local database.

In your UserSession model:

class UserSession < Authlogic::Session::Base
  verify_password_method :my_custom_auth_method
  ...

Then in your User model:

def my_custom_auth_method(password_plaintext)
  # user  password_plaintext  and  self.username  to validate 
  # against remote service returning true or false
end

If you want to use Authlogic s validation in addition to your own method, you can call valid_password?(password_plaintext) from within your custom verify_password_method.

Not sure if this is what you mean, but hope it helps!

时间:2010-02-17 17:25:29
问题回答

暂无回答


上一篇:
下一篇:


相关问题
rails collection_select vs. select

collection_select and select Rails helpers: Which one should I use? I can t see a difference in both ways. Both helpers take a collection and generates options tags inside a select tag. Is there a ...

时间:2009-11-13 11:13:04 回答:3 展示:1
SSL slowness in EC2

We ve deployed our rails app to EC2. In our setup, we have two proxies on small instances behind round-robin DNS. These run nginx load balancers for a dynamically growing and shrinking farm of web ...

时间:2009-11-13 03:37:45 回答:3 展示:1
Auth-code with A-Za-z0-9 to use in an URL parameter

As part of a web application I need an auth-code to pass as a URL parameter. I am currently using (in Rails) : Digest::SHA1.hexdigest((object_id + rand(255)).to_s) Which provides long strings like : ...

时间:2009-11-09 19:05:27 回答:4 展示:1
RubyCAS-Client question: Rails

I ve installed RubyCAS-Client version 2.1.0 as a plugin within a rails app. It s working, but I d like to remove the ?ticket= in the url. Is this possible?

时间:2009-11-09 18:52:58 回答:1 展示:1
activerecord has_many :through find with one sql call

I have a these 3 models: class User < ActiveRecord::Base has_many :permissions, :dependent => :destroy has_many :roles, :through => :permissions end class Permission < ActiveRecord::...

时间:2009-11-09 16:00:01 回答:3 展示:1
Ordering a hash to xml: Rails

I m building an xml document from a hash. The xml attributes need to be in order. How can this be accomplished? hash.to_xml

时间:2009-11-09 15:49:30 回答:5 展示:1
Text Editor for Ruby-on-Rails

guys which text editor is good for Rubyonrails? i m using Windows and i was using E-Texteditor but its not free n its expired now can anyone plese tell me any free texteditor? n which one is best an ...

时间:2009-11-09 14:40:21 回答:13 展示:1
How to get SQL queries for each user where env is production

I’m developing an application dedicated to generate statistical reports, I would like that user after saving their stat report they save sql queries too. To do that I wrote the following module: ...

时间:2009-11-09 14:20:51 回答:1 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全