Which gem should I use to provide a login process for my social network app?

I am creating a social networking site for my university and I'm wondering which gem I should use for the login process, or if there is any other more secure way to implement a login process. Is there document or sample code which can guide me?

I've heard about the Devise gem but I am not sure that it will be work for us, or how to use it.

Answers


Definitely recommend devise. It's written by one of the top contributors to rails Jose Valim. It's pretty easy to use, especially if you just stick with the defaults which are very reasonable. And it's kept up to date - currently only has 7 outstanding issues. For a project with 6.4k watchers that's pretty amazing.

There's a getting started guide with everything you need to get started.

There's also a devise wiki with a lot of examples. Here's just a few:

  • How To: Disallow previously used passwords
  • How To: Display a custom sign_in form anywhere in your app
  • How To: Do not redirect to login page after session timeout

It largely depends on what features you're looking for. If you require a full-featured authentication solution (Registration, Forgot Password, Remember Me, Login) then either devise or Authlogic is recommended.

If you're just looking for a simple way to authenticate users (via login and password for example), you can just use the Rails built-in authentication via has_secure_password. Ryan Bates did a RailsCast on it not too long ago.

Whatever method you decide to go with just remember that without SSL its not secure.


Devise is very nice. However, I'm partial to using NoamB's Sorcery gem. Its like a balance between rolling your own and Authlogic.

Check it out here: https://github.com/NoamB/sorcery

Also nice railscast on it: http://railscasts.com/episodes/283-authentication-with-sorcery


Need Your Help

How to iterate a private collection member in a Java class?

java private public

So here's this class which has a field, let's say

Automatically search for YouTube contents in Java / Javascript

javascript java youtube youtube-api youtube-javascript-api

I'll write a program in Java or Javascript to continoulsy get a list of videos from YouTube that matches specified metadata as name, comments and so on.