Jump to: navigation, search

Auth Module

454 bytes added, 18:41, 20 January 2011
no edit summary
== Auth Module (Developer Notes) ==
The Auth module extends functionality available from the [Authlogic|] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|].'
The idea is to allow services to be customized based on user attributes.Some examples could be: * Store a user's mobile phone number or email address to default the txt/email values for those services.* Provide extended request or paging functionality that is only available to a subset of patrons.* Allow faculty members to place items on reserve from the Umlaut screen. === Core Umlaut Files Added or Updated ===Several core Umlaut files were added and updated in order to develop support the Auth module.
==== app/controller/application.rb ====
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user.
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes.
==== lib/auth/acts_as_authentic.rb ====
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.
==== lib/auth/session.rb ====
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.
Callback functions to be overridden locally as appropriate:
# '''before_login''' - called when a new user session is being established, before the actual login is called
# '''after_logout''' - called after current user session is destroyed
# '''on_every_request''' - called on every request
The module also has two private methods for use in extended local classes.
# '''validate_url''' - generates the return url to send to external logins services
# '''session_user''' - facilitates saving user attributes to the user model
It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes). == Generating Configuring Local UmlautAuth Plugins ==The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).#  script/generate UmlautAuth YourModuleName#  put  your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb#  add the following to config/umlaut_config/environment.rb:<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default Modules => true }] #default => true doesn't do anything yet</pre>
=== UmlautAuth Plugin Auth Module Example ===UmlautAuthOpenSSO AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.* lib/vendorauth/pluginslocal/umlaut_auth_open_ssoauth_pds.rbThe AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:# login_url - provides PDS login URL to redirect to# after_login - checks authorization, stores some cookies to improve performance, saves some user data when appropriate# logout_url - provides PDS logout URL# after_logout - destroys some cookies that were stored to improve performance# on_every_request - checks if the user has logged in (e.g. from another SSO system)

Navigation menu