Seth Vargo edited this page May 6, 2012 · 1 revision

As part of the original plan, Envelope will be a distributed app. At this time, it's just a single Rails app, but it will eventually be broken down into smaller apps - front ends, middle ends, and back ends.

Because of this long-term goal, we elected to go with a Rack-based (as opposed to Rails-based) authentication scheme: Warden. Our Warden setup is very simple:

# Mount Warden as Rack middleware; unauthenticated requests fall through to the login form.
Rails.application.config.middleware.use Warden::Manager do |manager|
  manager.default_strategies :password
  manager.failure_app = lambda { |env| SessionsController.action(:new).call(env) }
end

# Only the user id is stored in the session; the record is reloaded on each request.
Warden::Manager.serialize_into_session do |user|
  user.id
end

Warden::Manager.serialize_from_session do |id|
  User.find(id)
end

Warden::Strategies.add(:password) do
  # The strategy only runs when both fields were submitted.
  def valid?
    params['login'] && params['password']
  end

  def authenticate!
    # Look the user up by username or email address, falling back to an Account's email address.
    user = User.where(['username = :value OR email_address = :value', { value: params['login'] }]).first || Account.find_by_email_address(params['login']).try(:user)
    if user.try(:authenticate, params['password'])
      if user.confirmed?
        success! user
      else
        fail 'Your credentials were valid, but your account is not active!'
      end
    else
      fail 'Invalid Login!'
    end
  end
end
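The same decision flow as the :password strategy above, as an added example that is not Envelope's code: it runs without Rails or Warden, with stand-in User/Account models, constructed sample data, and a stdlib PBKDF2 stand-in for has_secure_password, so the three outcomes (success, unconfirmed, invalid) can be exercised directly. The internal reason is kept on the result for logging rather than being the user-facing message.

```ruby
require 'openssl'
require 'securerandom'

# Stand-in password hashing (PBKDF2-HMAC-SHA256 from the stdlib); not Envelope's scheme.
def hash_password(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 20_000, 32, OpenSSL::Digest.new('sha256'))
end

# Constant-time comparison so a wrong guess takes the same time regardless of where it differs.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

User = Struct.new(:id, :username, :email_address, :salt, :digest, :confirmed) do
  # Mirrors has_secure_password#authenticate: returns the user on a match, false otherwise.
  def authenticate(password)
    secure_equal?(hash_password(password, salt), digest) ? self : false
  end
  def confirmed?; confirmed; end
end
Account = Struct.new(:email_address, :user)

def make_user(id, username, email, password, confirmed)
  salt = SecureRandom.random_bytes(16)
  User.new(id, username, email, salt, hash_password(password, salt), confirmed)
end

# Constructed sample data: a confirmed user, an unconfirmed one, and an Account-only email.
USERS = [make_user(1, 'alice', 'alice@example.com', 'correct horse', true),
         make_user(2, 'bob', 'bob@example.com', 'hunter2', false)]
ACCOUNTS = [Account.new('carol@example.com', USERS[0])]

Result = Struct.new(:status, :user, :reason)

# Same lookup order as the strategy: username or email on User, then Account email.
def find_user(login)
  USERS.find { |u| u.username == login || u.email_address == login } ||
    ACCOUNTS.find { |a| a.email_address == login }&.user
end

def authenticate_login(login, password)
  return Result.new(:skipped, nil, 'missing login or password') if login.nil? || password.nil?
  user = find_user(login)
  return Result.new(:failure, nil, 'invalid login or password') unless user && user.authenticate(password)
  return Result.new(:failure, nil, 'account not confirmed') unless user.confirmed?
  Result.new(:success, user, nil)
end
```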