I personally use Devise + CanTango (a roles layer on top of CanCan, an authorization provider) and it's really really easy to set it up and get going. You should really try the combo out.
On Sun, Oct 16, 2011 at 2:22 AM, Brandon Black <[email protected]>wrote: > For some reason everyone seems to always go for right Devise (like a > moth to a flame). Nothing wrong with that, but I've always found > OmniAuth to be far more superior: https://github.com/intridea/omniauth > > Depending on who your provider is and what they're using for > authentication/authorization, it's quite easy to accomplish both > simultaneously in one flow. Google uses a hybrid OpenID approach > mixing in oauth authentication as part of the login flow and Facebook > does the same with connect. > > OmniAuth is easy to use and well supported by the talented crew over > at Intridea. I've used it personally many times for Google, Facebook, > Twitter, and Vimeo, but it supports many more providers. If the > provider you're looking for isn't there, it's quite easy to add an > extension for them. > > On Oct 14, 9:03 am, Norbert Melzer <[email protected]> wrote: > > Hi All! > > > > I am searching for a gem that handles authentication and authorization > > at the same time for me. > > > > I tried several combinations of different authentication and > > authorization gems, but even if the combinations worked, I dont get > > comfortable with them. I dislike the fact to configure so many things > > in so many places... > > > > Therefore I am searching for a gem that handles both for me and is > > easy to configure. > > > > It should work with rails 3.1 and have configurable roles. +1 if I can > > add own roles. +2 if I can assign the roles per object and dont have > > to assign them system wide... > > > > To clarify the +2: > > Lets say I have a forum and a blog with the same user base. I have the > > admin role in both places and may do everything everywhere. > > A normal user without special rights is allowed to read and comment in > > the blog and to write in the forum. > > The user "klaus" is an author for blogposts but has no special rights > > in the forum, so there he is a normal user. > > On the other Hand there is "alfred" who is allowed to moderate the > > forum but not allowed to do anything more than comments and reading in > > the blog. > > There could be a third user that is allowed to write articles in the > > blog and moderate the forum... > > With the authorization gems I found and tried so far I had to define > > systemwide roles that had to implement different behaviour for the > > subsystems, so I had the following roles in this simple scenario: > > owner -> Overall side admin > > blog_author_and_forum_mod -> Is allowed to use full blog and moderate > > in the forum > > only_blog_author -> Is allowed to use the blog but is a simple user in > the forum > > only_forum_mod -> Is allowed to moderate the forum, but is not allowed > > to create his own blogsposts > > user -> standarduser as described above > > guest -> Read-Only, is not allowed to comment or write in the forum. > > > > If there are other subsystems added or hidden forums this will get > > much more complicated... > > > > TIA > > Norbert > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
