https://wiki.code4lib.org/api.php?action=feedcontributions&user=Scotdalton&feedformat=atomCode4Lib - User contributions [en]2024-03-19T05:52:13ZUser contributionsMediaWiki 1.26.2https://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7820Umlaut Deployment with Thin and Apache2011-04-07T15:52:11Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel and is detailed below. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
First you must install the thin gem and any dependencies, including rack. We found that versions of rack later than 1.0.1 caused problems.<br />
:$ sudo gem install thin<br />
:$ sudo gem install rack --version 1.0.1<br />
<br />
Next add these two files to Umlaut.<br />
<br />
:config/umlaut_config/deploy/thin_cluster.yml<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
:script/local/my_thin_ctl<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre><br />
<br />
Then make the my_thin_ctl executable<br />
:$ chmod 755 my_thin_ctl<br />
<br />
Finally, run<br />
: $ ./script/local/my_thin_ctl start</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7819Umlaut Deployment with Thin and Apache2011-04-07T15:49:12Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel and is detailed below. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
#First you must install the thin gem and any dependencies, including rack. We found that versions of rack later than 1.0.1 caused problems.<br />
:$ sudo gem install thin<br />
:$ sudo gem install rack --version 1.0.1<br />
<br />
#Next add these two files to Umlaut.<br />
config/umlaut_config/deploy/thin_cluster.yml<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
script/local/my_thin_ctl<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre><br />
<br />
#Then make the my_thin_ctl executable<br />
:$ chmod 755 my_thin_ctl<br />
<br />
#Finally, run<br />
: $ ./script/local/my_thin_ctl start</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7818Umlaut Deployment with Thin and Apache2011-04-07T15:48:16Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel and is detailed below. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
First you must install the thin gem and any dependencies, including rack. We found that versions of rack later than 1.0.1 caused problems.<br />
:$ sudo gem install thin<br />
:$ sudo gem install rack --version 1.0.1<br />
<br />
Next add these two files to Umlaut.<br />
'''config/umlaut_config/deploy/thin_cluster.yml'''<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
'''script/local/my_thin_ctl'''<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre><br />
<br />
Then make the my_thin_ctl executable<br />
:$ chmod 755 my_thin_ctl<br />
<br />
Finally, run<br />
: $ ./script/local/my_thin_ctl start</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7817Umlaut Deployment with Thin and Apache2011-04-07T15:47:37Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel and is detailed below. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
First you must install the thin gem and any dependencies, including rack. We found that versions of rack later than 1.0.1 caused problems.<br />
:sudo gem install thin<br />
:sudo gem install rack --version 1.0.1<br />
<br />
Next add these two files to Umlaut.<br />
'''config/umlaut_config/deploy/thin_cluster.yml'''<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
'''script/local/my_thin_ctl'''<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre><br />
<br />
Then make the my_thin_ctl executable<br />
: chmod 755 my_thin_ctl<br />
<br />
Finally, run<br />
: ./script/local/my_thin_ctl start</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7816Umlaut Deployment with Thin and Apache2011-04-07T15:39:41Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel and is detailed below. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
The two files used to implement thin are detailed below.<br />
'''config/umlaut_config/deploy/thin_cluster.yml'''<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
'''script/local/my_thin_ctl'''<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7815Umlaut Deployment with Thin and Apache2011-04-07T15:39:06Z<p>Scotdalton: </p>
<hr />
<div>[[Category: Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel. The Apache configuration is exactly the same as with mongrel and is detailed at [[Umlaut_Deployment#Apache_Setup]]<br />
<br />
<br />
The two files used to implement thin are detailed below.<br />
'''config/umlaut_config/deploy/thin_cluster.yml'''<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
'''script/local/my_thin_ctl'''<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7814Umlaut Deployment with Thin and Apache2011-04-07T15:37:58Z<p>Scotdalton: </p>
<hr />
<div>[[Umlaut]]<br />
Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel. The Apache configuration is exactly the same as with mongrel and is detailed at<br />
<br />
<br />
The two files used to implement thin are detailed below.<br />
'''config/umlaut_config/deploy/thin_cluster.yml'''<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
'''script/local/my_thin_ctl'''<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7813Umlaut Deployment with Thin and Apache2011-04-07T15:36:07Z<p>Scotdalton: </p>
<hr />
<div>Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel. The two files used to implement are detailed below.<br />
config/umlaut_config/deploy/thin_cluster.yml<br />
<pre><br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
</pre><br />
script/local/my_thin_ctl<br />
<pre><br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment_with_Thin_and_Apache&diff=7812Umlaut Deployment with Thin and Apache2011-04-07T15:35:01Z<p>Scotdalton: New page: Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel. The two files used to implement are detailed below....</p>
<hr />
<div>Instead of using mongrel, NYU is using [http://code.macournoyer.com/thin/ thin]. The thin configuration is almost identical to mongrel. The two files used to implement are detailed below.<br />
config/umlaut_config/deploy/thin_cluster.yml<br />
--<br />
# Unix account to run your processes as:<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
chdir: /apps/umlaut/<br />
log: log/thin.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 4001<br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
#address: 0.0.0.0 # Leave like this <br />
pid: tmp/pids/thin.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 4<br />
<br />
# Only if you want to start at web path other than base / :<br />
#prefix: /getit # for instance. Start with slash, and don't end with one.<br />
--<br />
script/local/my_thin_ctl<br />
--<br />
#!/bin/bash <br />
thin $1 -C /apps/umlaut/config/umlaut_config/deploy/thin_cluster.yml <br />
--</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment&diff=7811Umlaut Deployment2011-04-07T15:02:33Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
So you have your Umlaut running by executing "./scripts/server" in the Umlaut directory, and then it launches on port 3000 by default, and you connect to port 3000. This is fine for some initial confirmation that you've got your setup working, and for development, but how do you actually deploy it?<br />
<br />
Turns out there are several possible deploy environments for a Rails application. There is not necessarily one standard or best one at the moment, different people use different ones in different circumstances.<br />
<br />
Jonathan Rochkind at Hopkins uses mongrel, mongrel_cluster and Apache mod_proxy and mod_proxy_balancer on a unix system for his deploy environment. He went down this road because it was what was recommended by the [http://www.pragprog.com/titles/rails2 Rails Agile Development book]. We may explore other deploy enviroments (such as 'passenger') in the future. We would definitely not be optimistic about running Umlaut on Windows. *Lately mod_rails/Passenger is clearly the preferred Rails deployment in general, and jrochkind wants to find time to set it up and test it, but hasn't yet.*<br />
<br />
Since jrochkind is writing this documentation, he can only tell you how to do it how he did. You do need to have a verison of Apache that includes mod_proxy_balancer (> apache 2.2? ), but if you do, jrochkind is fairly happy with the solution.<br />
<br />
These two pages from the mongrel website on [http://mongrel.rubyforge.org/wiki/Apache Apache Best Practice Deployment] and [http://mongrel.rubyforge.org/docs/mongrel_cluster.html Using Mongrel Cluster] are pretty good how-tos for mongrel. But we will also take you through it here, with specific directions and Umlaut recommendations and pit-falls we ran into.<br />
<br />
Alternatively, based on Ross Singer's recommendation, scotdalton is using [http://code.macournoyer.com/thin/ thin] and Apache at NYU. The setup is almost identical to mongrel and is detailed at [[Umlaut Deployment with Thin and Apache]]<br />
<br />
== Quick start 'wizard' ==<br />
<br />
New! A Rails generator to set up config files for you, and make deployment with mongrel cluster and apache much easier. <br />
<br />
=== Prerequisites ===<br />
<br />
* Install 'mongrel' and 'mongrel_cluster' gems. <br />
* Apache needs mod_proxy and mod_proxy_balancer (which means it needs to be apache >2.2 I think, and have those modules turned on). <br />
* You need to have access to an apache conf file to add some statements to hook your mongrel cluster up to the web.<br />
<br />
=== To run ===<br />
<br />
You can simply run ./script/generate mongrel_deploy_files to generate config files for an Umlaut mongrel cluster deployment. This makes some assumptions, detailed below--to change all of these options, run ./script/generate mongrel_deploy_files --help to see command line arguments, if you aren't happy with these defaults. <br />
<br />
You can run this command at any time. It will interactively prompt you if you want to overwrite your existing files, and give you a diff. (Or you can say --force to force overwriting of existing files). You can also run ./script/destroy mongrel_deploy_files to remove anything created by the generator. <br />
<br />
This process will add two files in umlaut_config/deploy, and one file in $UMLAUT/script/local/. Next, you need to hook up apache, and start your mongrels.<br />
<br />
=== default assumptions ===<br />
<br />
Several mongrel processes are being configured. By default, this is four mongrel processes on internal ports beginning at port 4001. Both of these things can be changed. <br />
<br />
By default these mongrel processes will be run as unix user 'umlaut', group 'umlaut'. So either create such a user or group, or add arguments to choose other user/group. <br />
<br />
By default the generator assumes that you are going to be deploying at 'document root' (/) in a particular apache (virtual) host. If you'd like to instead install at a sub-path, use the --prefix argument. <br />
<br />
=== Hook up apache === <br />
<br />
A file was created for you in umlaut_config/deploy/umlaut_http.conf. You need to edit your apache conf file to "Include" this umlaut_http.conf in the virtual host of your choice (or main host). You need to set up the virtual host yourself, if you want one. Then simply "Include /path/to/umlaut/config/umlaut_config/deploy/umlaut_http.conf". <br />
<br />
=== Start mongrels ===<br />
<br />
Apache is now pointing to a balanced cluster of mongrels on the ports specified by the generator, from the path specified by the generator. But those mongrels aren't running yet. You need to start them. You can do this by running:<br />
<br />
<pre><br />
sudo mongrel_rails cluster::start -C /path/to/umlaut/config/umlaut_config/deploy/mongrel_cluster.yml<br />
</pre><br />
<br />
Or, for convenience, the generator installed a little bash script to do this all for you:<br />
<br />
<pre><br />
$UMLAUT/script/local/my_mongrel_ctl (start|stop|restart|status)<br />
</pre><br />
<br />
You can set things up to auto-start your mongrels on boot, see:<br />
[http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup]<br />
<br />
== The details: Umlaut Deployment with Mongrel and Apache ==<br />
<br />
There are basically two parts to getting Umlaut (or any Rails app) deployed in this setup. First is getting your Rails app running, and second is configuring Apache to connect to it properly.<br />
<br />
There are a few decisions to make. Run just one instance of Umlaut, or run multiple load balancing instances? Because of the nature of the way Umlaut works, we strongly recommend running multiple Umlaut instances regardless of how little traffic you expect. Even in a low-traffic environment, the fact that Umlaut can take several seconds to respond to a request means that multiple instances are a good idea to keep Umlaut from seeming even slower than it is. We're completely guessing, but 3 is probably a pretty good number for just about any Umlaut site, from low to high traffic.<br />
<br />
Also think about whether you what unix account you want to run Umlaut (recommended to create a special low-priv account). And whether your Umlaut URLs can be the base urls for a host (Ie, findit.library.jhu.edu points directly to umlaut), or whether you use a 'prefix' (ie, findit.library.jhu.edu/some/path/findit). Using apache virtual hosts and mounting Umlaut at the base is typical, but the prefix can work too.<br />
<br />
=== Setting up mongrel_cluster ===<br />
<br />
First you've got to install mongrel and mongrel_cluster:<br />
<br />
<br />
:sudo gem install mongrel<br />
<br />
:sudo gem install mongrel_cluster<br />
<br />
'''Reccommend you make sure you have mongrel >= 1.1.4 and mongrel_cluster >= 1.0.5. Recommend you do NOT have previous versions installed. When I had mongrel_cluster 1.0.3 simultaneously installed, it was being used, even though it shouldn't be, and its bugs were effecting me'''<br />
<br />
<br />
The point of mongrel_cluster is to save configuration information for multiple mongrel instances in one configuration file, and then you can start, stop, or restart them all with one command, and without having to remember that config information each time (and possibly get it wrong or typod).<br />
<br />
By default, mongrel_cluster keeps that configuration file in a Rails app's config/mongrel_cluster.yml. You could do that with Umlaut, but we like to keep your local config files in $Umlaut/config/umlaut_config instead (see [[Umlaut Local Configuration Architecture]]), so we recommend putting it in $Umlaut/config/umlaut_config. You can use the mongrel_rails command to write this config for you (see [http://mongrel.rubyforge.org/wiki/MongrelCluster Using Mongrel Cluster]; make sure to use the -C argument to put the config file in umlaut_config, if that's what you want), but here we'll just give you our actual mongrel_cluster.yml config, annotated. (You are certainly allowed to write it by hand).<br />
<br />
<pre><br />
<br />
# Unix account to run your processes as:\\<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
cwd: /data/web/findit/Umlaut <br />
log_file: log/mongrel.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 8000 <br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
pid_file: tmp/pids/mongrel.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 3<br />
<br />
# Only if you want to start at web path other than base / :<br />
prefix: /findit # for instance. Start with slash, and don't end with one.<br />
<br />
</pre><br />
<br />
Now you can start all three of these mongrel instances by executing:<br />
<br />
:sudo mongrel_rails cluster::start -C $Umlaut/config/umlaut_config/mongrel_rails<br />
<br />
The 'sudo' is necessary because we've told mongrel_cluster to start apps as user 'umlaut' ; first need to be root before you can start a process as another user. Also cluster::stop, cluster::restart, and cluster::status<br />
<br />
We're still not sure exactly how many mongrels are neccesary to handle a given sized umlaut installation. <br />
<br />
:See below to automate the startup of these processes on boot.<br />
<br />
If you are choosing to start as a particular unix account, make sure your install dir can be read by that account! log and tmp dirs need to be writeable too. Easiest thing to do is just "sudo chgrp -R umlaut", or whatever other group you are choosing, your entire $Umlaut installation. Note that the parent directory (and all of it's parents) needs to have "x" permission for the user/group too.<br />
<br />
=== Apache Setup ===<br />
<br />
Now we set up apache using mod_proxy to 'reverse proxy' to our mongrel instances, with clustered load balancing. Make sure you have mod_proxy and mod_proxy_balancer installed and configured. Now, in your apache conf, proably in the specific virtual host you want to use for Umlaut:<br />
<br />
<pre><br />
# Very important, make sure you aren't inadvertantly making an open proxy with mod_proxy<br />
ProxyRequests off <br />
<br />
# Set up the mod_proxy blanacer, with our three instances running on 8000-8002<br />
# Note: Do not put trailing / on these<br />
<Proxy balancer://umlaut_cluster><br />
BalancerMember http://127.0.0.1:8000<br />
BalancerMember http://127.0.0.1:8001<br />
BalancerMember http://127.0.0.1:8002<br />
</Proxy><br />
<br />
# Set up ProxyPass directive to reverse proxy to SFX for handling SFX journal subscription cgi posts<br />
# This should come before the cluster ProxyPass directive.<br />
ProxyPass /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
ProxyPassReverse /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
<br />
# Now set up the ProxyPass directives to reverse proxy to that cluster<br />
# Note: DO put trailing / on these.<br />
<br />
ProxyPass / balancer://umlaut_cluster/ <br />
ProxyPassReverse / balancer://umlaut_cluster/ <br />
ProxyPreserveHost on<br />
<br />
# Or, if you were using a prefix, these would look like, eg:<br />
# ProxyPass /findit balancer://umlaut_cluster/findit/<br />
# ProxyPassReverse /findit balancer://umlaut_cluster/findit/<br />
</pre><br />
<br />
====SSL/https====<br />
<br />
If you are setting up apache to allow https requests, it should still proxy to an http mongrel as above, because mongrel doesn't speak http. However, you should include this line in the relevant SSL virtual host, to set the request header to let the Rails app know it's fronted by ssl:<br />
<br />
RequestHeader set X_FORWARDED_PROTO 'https'<br />
<br />
=== Dealing with bad query strings: More Apache Setup ===<br />
<br />
Mongrel refuses to accept a mal-formed query string. EBSCOHost, however, insists on sending such---for example, query strings with unescaped greater-than or less-than chars in them. We want to take care of this by putting directives in the apache config to rewrite these bad urls into proper escaped urls. The apache mod_redirect external map function is most convenient to use here, and a program to serve as an external map is included with umlaut. The following apache directives will take care of rewriting bad URLs. As always, $Umlaut stands for your Umlaut install dir.<br />
<br />
<pre><br />
# We want to re-write URLs with 'bad' < and > chars in the query<br />
# string (eg from EBSCO) to escape them.<br />
RewriteEngine on<br />
RewriteMap query_escape prg:$umlaut/distribution/script/rewrite_map.pl<br />
RewriteLock /var/lock/subsys/apache.rewrite.lock<br />
RewriteCond %{query_string} ^(.*[\>\<].*)$<br />
RewriteRule ^(.*)$ $1?${query_escape:%1} [R,L,NE]<br />
</pre><br />
<br />
Note: Due to a bug in Apache, ampersand chars in query string end up 'double escaped' when put through the map. We have code in a before filter in application_controller to take care of this.<br />
<br />
=== Start at Boot? ===<br />
<br />
Follow the directions at [http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup Using Mongrel Cluster], which are basically:<br />
<br />
<pre><br />
sudo mkdir /etc/mongrel_cluster<br />
sudo ln -s $UMLAUT/config/umlaut_config/mongrel_cluster.yml /etc/mongrel_cluster/umlaut.yml<br />
sudo cp /path/to/mongrel_cluster_gem/resources/mongrel_cluster /etc/init.d/<br />
sudo chmod +x /etc/init.d/mongrel_cluster</pre><br />
<br />
Now your cluster will start at boot, and you can also start, stop, or restart it (and any other clusters you link into /etc/mongrel_cluster) with:<br />
<br />
<pre><br />
sudo /etc/init.d/mongrel_cluster {start|stop|restart}<br />
</pre><br />
<br />
<br />
====NOTE/WARNING==== <br />
There is a problem in mongrel_cluster that will prevent mongrels from starting up again if your machine (or mongrels) die ungracefully leaving stale pids. See http://www.ruby-forum.com/topic/105849 <br />
<br />
My better fix: Edit the /etc/init.d/mongrel_cluster bash script you installed above. Change line:<br />
<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR<br />
</pre><br />
<br />
to:<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR --clean<br />
</pre><br />
<br />
Note the addition of the --clean argument.<br />
<br />
I know this works with mongrel 1.1.4 and mongrel_cluster 1.0.5. An earlier mongrel_cluster did not respect the --clean argument properly--and I found that having a simultaenous install of the earlier mongrel_cluster for some reason caused it to be used instead of the later one. gem isn't supposed to work that way. But best make sure you have no mongrel_clusters earlier than 1.0.5 installed.<br />
<br />
== SFX Configuration ==<br />
<br />
=== Institute Feature ===<br />
<br />
This only matters if you use the SFX institute feature. Umlaut sends a req.ip=[client ip] param, which SFX is supposed to use to treat the request as if it came from that IP, not umlaut's ip. That works if the req.ip matches an SFX institute. But if it does not match any institute, you want SFX to treat the request as if it did not match any institute. Instead it consults the actual umlaut server IP and connects THAT to an institute. This is bad. <br />
<br />
As a work around, define an institute in SFX that is listed first alphabetically (eg, "aaa_umlaut_server") that matches the Umlaut server's IP address(es). Now if req.ip doesn't match anything, SFX will decide the request matches "aaa_umlaut_server" institute--which won't effect anything, will be treated just like a non-local address--instead of matching on umlaut server address which might match a wrong institute. <br />
<br />
This bug has been reported to Ex Libris.</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment&diff=7810Umlaut Deployment2011-04-07T15:00:57Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
So you have your Umlaut running by executing "./scripts/server" in the Umlaut directory, and then it launches on port 3000 by default, and you connect to port 3000. This is fine for some initial confirmation that you've got your setup working, and for development, but how do you actually deploy it?<br />
<br />
Turns out there are several possible deploy environments for a Rails application. There is not necessarily one standard or best one at the moment, different people use different ones in different circumstances.<br />
<br />
Jonathan Rochkind at Hopkins uses mongrel, mongrel_cluster and Apache mod_proxy and mod_proxy_balancer on a unix system for his deploy environment. He went down this road because it was what was recommended by the [http://www.pragprog.com/titles/rails2 Rails Agile Development book]. We may explore other deploy enviroments (such as 'passenger') in the future. We would definitely not be optimistic about running Umlaut on Windows. *Lately mod_rails/Passenger is clearly the preferred Rails deployment in general, and jrochkind wants to find time to set it up and test it, but hasn't yet.*<br />
<br />
Since jrochkind is writing this documentation, he can only tell you how to do it how he did. You do need to have a verison of Apache that includes mod_proxy_balancer (> apache 2.2? ), but if you do, jrochkind is fairly happy with the solution.<br />
<br />
These two pages from the mongrel website on [http://mongrel.rubyforge.org/wiki/Apache Apache Best Practice Deployment] and [http://mongrel.rubyforge.org/docs/mongrel_cluster.html Using Mongrel Cluster] are pretty good how-tos for mongrel. But we will also take you through it here, with specific directions and Umlaut recommendations and pit-falls we ran into.<br />
<br />
Alternatively, based on Ross Singer's recommendation, scotdalton is using [http://code.macournoyer.com/thin/ thin] and Apache at NYU. The setup is almost identical to mongrel and is detailed at [Umlaut Deployment with Thin and Apache]<br />
<br />
== Quick start 'wizard' ==<br />
<br />
New! A Rails generator to set up config files for you, and make deployment with mongrel cluster and apache much easier. <br />
<br />
=== Prerequisites ===<br />
<br />
* Install 'mongrel' and 'mongrel_cluster' gems. <br />
* Apache needs mod_proxy and mod_proxy_balancer (which means it needs to be apache >2.2 I think, and have those modules turned on). <br />
* You need to have access to an apache conf file to add some statements to hook your mongrel cluster up to the web.<br />
<br />
=== To run ===<br />
<br />
You can simply run ./script/generate mongrel_deploy_files to generate config files for an Umlaut mongrel cluster deployment. This makes some assumptions, detailed below--to change all of these options, run ./script/generate mongrel_deploy_files --help to see command line arguments, if you aren't happy with these defaults. <br />
<br />
You can run this command at any time. It will interactively prompt you if you want to overwrite your existing files, and give you a diff. (Or you can say --force to force overwriting of existing files). You can also run ./script/destroy mongrel_deploy_files to remove anything created by the generator. <br />
<br />
This process will add two files in umlaut_config/deploy, and one file in $UMLAUT/script/local/. Next, you need to hook up apache, and start your mongrels.<br />
<br />
=== default assumptions ===<br />
<br />
Several mongrel processes are being configured. By default, this is four mongrel processes on internal ports beginning at port 4001. Both of these things can be changed. <br />
<br />
By default these mongrel processes will be run as unix user 'umlaut', group 'umlaut'. So either create such a user or group, or add arguments to choose other user/group. <br />
<br />
By default the generator assumes that you are going to be deploying at 'document root' (/) in a particular apache (virtual) host. If you'd like to instead install at a sub-path, use the --prefix argument. <br />
<br />
=== Hook up apache === <br />
<br />
A file was created for you in umlaut_config/deploy/umlaut_http.conf. You need to edit your apache conf file to "Include" this umlaut_http.conf in the virtual host of your choice (or main host). You need to set up the virtual host yourself, if you want one. Then simply "Include /path/to/umlaut/config/umlaut_config/deploy/umlaut_http.conf". <br />
<br />
=== Start mongrels ===<br />
<br />
Apache is now pointing to a balanced cluster of mongrels on the ports specified by the generator, from the path specified by the generator. But those mongrels aren't running yet. You need to start them. You can do this by running:<br />
<br />
<pre><br />
sudo mongrel_rails cluster::start -C /path/to/umlaut/config/umlaut_config/deploy/mongrel_cluster.yml<br />
</pre><br />
<br />
Or, for convenience, the generator installed a little bash script to do this all for you:<br />
<br />
<pre><br />
$UMLAUT/script/local/my_mongrel_ctl (start|stop|restart|status)<br />
</pre><br />
<br />
You can set things up to auto-start your mongrels on boot, see:<br />
[http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup]<br />
<br />
== The details: Umlaut Deployment with Mongrel and Apache ==<br />
<br />
There are basically two parts to getting Umlaut (or any Rails app) deployed in this setup. First is getting your Rails app running, and second is configuring Apache to connect to it properly.<br />
<br />
There are a few decisions to make. Run just one instance of Umlaut, or run multiple load balancing instances? Because of the nature of the way Umlaut works, we strongly recommend running multiple Umlaut instances regardless of how little traffic you expect. Even in a low-traffic environment, the fact that Umlaut can take several seconds to respond to a request means that multiple instances are a good idea to keep Umlaut from seeming even slower than it is. We're completely guessing, but 3 is probably a pretty good number for just about any Umlaut site, from low to high traffic.<br />
<br />
Also think about whether you what unix account you want to run Umlaut (recommended to create a special low-priv account). And whether your Umlaut URLs can be the base urls for a host (Ie, findit.library.jhu.edu points directly to umlaut), or whether you use a 'prefix' (ie, findit.library.jhu.edu/some/path/findit). Using apache virtual hosts and mounting Umlaut at the base is typical, but the prefix can work too.<br />
<br />
=== Setting up mongrel_cluster ===<br />
<br />
First you've got to install mongrel and mongrel_cluster:<br />
<br />
<br />
:sudo gem install mongrel<br />
<br />
:sudo gem install mongrel_cluster<br />
<br />
'''Reccommend you make sure you have mongrel >= 1.1.4 and mongrel_cluster >= 1.0.5. Recommend you do NOT have previous versions installed. When I had mongrel_cluster 1.0.3 simultaneously installed, it was being used, even though it shouldn't be, and its bugs were effecting me'''<br />
<br />
<br />
The point of mongrel_cluster is to save configuration information for multiple mongrel instances in one configuration file, and then you can start, stop, or restart them all with one command, and without having to remember that config information each time (and possibly get it wrong or typod).<br />
<br />
By default, mongrel_cluster keeps that configuration file in a Rails app's config/mongrel_cluster.yml. You could do that with Umlaut, but we like to keep your local config files in $Umlaut/config/umlaut_config instead (see [[Umlaut Local Configuration Architecture]]), so we recommend putting it in $Umlaut/config/umlaut_config. You can use the mongrel_rails command to write this config for you (see [http://mongrel.rubyforge.org/wiki/MongrelCluster Using Mongrel Cluster]; make sure to use the -C argument to put the config file in umlaut_config, if that's what you want), but here we'll just give you our actual mongrel_cluster.yml config, annotated. (You are certainly allowed to write it by hand).<br />
<br />
<pre><br />
<br />
# Unix account to run your processes as:\\<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
cwd: /data/web/findit/Umlaut <br />
log_file: log/mongrel.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 8000 <br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
pid_file: tmp/pids/mongrel.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 3<br />
<br />
# Only if you want to start at web path other than base / :<br />
prefix: /findit # for instance. Start with slash, and don't end with one.<br />
<br />
</pre><br />
<br />
Now you can start all three of these mongrel instances by executing:<br />
<br />
:sudo mongrel_rails cluster::start -C $Umlaut/config/umlaut_config/mongrel_rails<br />
<br />
The 'sudo' is necessary because we've told mongrel_cluster to start apps as user 'umlaut' ; first need to be root before you can start a process as another user. Also cluster::stop, cluster::restart, and cluster::status<br />
<br />
We're still not sure exactly how many mongrels are neccesary to handle a given sized umlaut installation. <br />
<br />
:See below to automate the startup of these processes on boot.<br />
<br />
If you are choosing to start as a particular unix account, make sure your install dir can be read by that account! log and tmp dirs need to be writeable too. Easiest thing to do is just "sudo chgrp -R umlaut", or whatever other group you are choosing, your entire $Umlaut installation. Note that the parent directory (and all of it's parents) needs to have "x" permission for the user/group too.<br />
<br />
=== Apache Setup ===<br />
<br />
Now we set up apache using mod_proxy to 'reverse proxy' to our mongrel instances, with clustered load balancing. Make sure you have mod_proxy and mod_proxy_balancer installed and configured. Now, in your apache conf, proably in the specific virtual host you want to use for Umlaut:<br />
<br />
<pre><br />
# Very important, make sure you aren't inadvertantly making an open proxy with mod_proxy<br />
ProxyRequests off <br />
<br />
# Set up the mod_proxy blanacer, with our three instances running on 8000-8002<br />
# Note: Do not put trailing / on these<br />
<Proxy balancer://umlaut_cluster><br />
BalancerMember http://127.0.0.1:8000<br />
BalancerMember http://127.0.0.1:8001<br />
BalancerMember http://127.0.0.1:8002<br />
</Proxy><br />
<br />
# Set up ProxyPass directive to reverse proxy to SFX for handling SFX journal subscription cgi posts<br />
# This should come before the cluster ProxyPass directive.<br />
ProxyPass /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
ProxyPassReverse /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
<br />
# Now set up the ProxyPass directives to reverse proxy to that cluster<br />
# Note: DO put trailing / on these.<br />
<br />
ProxyPass / balancer://umlaut_cluster/ <br />
ProxyPassReverse / balancer://umlaut_cluster/ <br />
ProxyPreserveHost on<br />
<br />
# Or, if you were using a prefix, these would look like, eg:<br />
# ProxyPass /findit balancer://umlaut_cluster/findit/<br />
# ProxyPassReverse /findit balancer://umlaut_cluster/findit/<br />
</pre><br />
<br />
====SSL/https====<br />
<br />
If you are setting up apache to allow https requests, it should still proxy to an http mongrel as above, because mongrel doesn't speak http. However, you should include this line in the relevant SSL virtual host, to set the request header to let the Rails app know it's fronted by ssl:<br />
<br />
RequestHeader set X_FORWARDED_PROTO 'https'<br />
<br />
=== Dealing with bad query strings: More Apache Setup ===<br />
<br />
Mongrel refuses to accept a mal-formed query string. EBSCOHost, however, insists on sending such---for example, query strings with unescaped greater-than or less-than chars in them. We want to take care of this by putting directives in the apache config to rewrite these bad urls into proper escaped urls. The apache mod_redirect external map function is most convenient to use here, and a program to serve as an external map is included with umlaut. The following apache directives will take care of rewriting bad URLs. As always, $Umlaut stands for your Umlaut install dir.<br />
<br />
<pre><br />
# We want to re-write URLs with 'bad' < and > chars in the query<br />
# string (eg from EBSCO) to escape them.<br />
RewriteEngine on<br />
RewriteMap query_escape prg:$umlaut/distribution/script/rewrite_map.pl<br />
RewriteLock /var/lock/subsys/apache.rewrite.lock<br />
RewriteCond %{query_string} ^(.*[\>\<].*)$<br />
RewriteRule ^(.*)$ $1?${query_escape:%1} [R,L,NE]<br />
</pre><br />
<br />
Note: Due to a bug in Apache, ampersand chars in query string end up 'double escaped' when put through the map. We have code in a before filter in application_controller to take care of this.<br />
<br />
=== Start at Boot? ===<br />
<br />
Follow the directions at [http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup Using Mongrel Cluster], which are basically:<br />
<br />
<pre><br />
sudo mkdir /etc/mongrel_cluster<br />
sudo ln -s $UMLAUT/config/umlaut_config/mongrel_cluster.yml /etc/mongrel_cluster/umlaut.yml<br />
sudo cp /path/to/mongrel_cluster_gem/resources/mongrel_cluster /etc/init.d/<br />
sudo chmod +x /etc/init.d/mongrel_cluster</pre><br />
<br />
Now your cluster will start at boot, and you can also start, stop, or restart it (and any other clusters you link into /etc/mongrel_cluster) with:<br />
<br />
<pre><br />
sudo /etc/init.d/mongrel_cluster {start|stop|restart}<br />
</pre><br />
<br />
<br />
====NOTE/WARNING==== <br />
There is a problem in mongrel_cluster that will prevent mongrels from starting up again if your machine (or mongrels) die ungracefully leaving stale pids. See http://www.ruby-forum.com/topic/105849 <br />
<br />
My better fix: Edit the /etc/init.d/mongrel_cluster bash script you installed above. Change line:<br />
<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR<br />
</pre><br />
<br />
to:<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR --clean<br />
</pre><br />
<br />
Note the addition of the --clean argument.<br />
<br />
I know this works with mongrel 1.1.4 and mongrel_cluster 1.0.5. An earlier mongrel_cluster did not respect the --clean argument properly--and I found that having a simultaenous install of the earlier mongrel_cluster for some reason caused it to be used instead of the later one. gem isn't supposed to work that way. But best make sure you have no mongrel_clusters earlier than 1.0.5 installed.<br />
<br />
== SFX Configuration ==<br />
<br />
=== Institute Feature ===<br />
<br />
This only matters if you use the SFX institute feature. Umlaut sends a req.ip=[client ip] param, which SFX is supposed to use to treat the request as if it came from that IP, not umlaut's ip. That works if the req.ip matches an SFX institute. But if it does not match any institute, you want SFX to treat the request as if it did not match any institute. Instead it consults the actual umlaut server IP and connects THAT to an institute. This is bad. <br />
<br />
As a work around, define an institute in SFX that is listed first alphabetically (eg, "aaa_umlaut_server") that matches the Umlaut server's IP address(es). Now if req.ip doesn't match anything, SFX will decide the request matches "aaa_umlaut_server" institute--which won't effect anything, will be treated just like a non-local address--instead of matching on umlaut server address which might match a wrong institute. <br />
<br />
This bug has been reported to Ex Libris.</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Umlaut_Deployment&diff=7809Umlaut Deployment2011-04-07T14:59:51Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
So you have your Umlaut running by executing "./scripts/server" in the Umlaut directory, and then it launches on port 3000 by default, and you connect to port 3000. This is fine for some initial confirmation that you've got your setup working, and for development, but how do you actually deploy it?<br />
<br />
Turns out there are several possible deploy environments for a Rails application. There is not necessarily one standard or best one at the moment, different people use different ones in different circumstances.<br />
<br />
Jonathan Rochkind at Hopkins uses mongrel, mongrel_cluster and Apache mod_proxy and mod_proxy_balancer on a unix system for his deploy environment. He went down this road because it was what was recommended by the [http://www.pragprog.com/titles/rails2 Rails Agile Development book]. We may explore other deploy enviroments (such as 'passenger') in the future. We would definitely not be optimistic about running Umlaut on Windows. *Lately mod_rails/Passenger is clearly the preferred Rails deployment in general, and jrochkind wants to find time to set it up and test it, but hasn't yet.*<br />
<br />
Since jrochkind is writing this documentation, he can only tell you how to do it how he did. You do need to have a verison of Apache that includes mod_proxy_balancer (> apache 2.2? ), but if you do, jrochkind is fairly happy with the solution.<br />
<br />
These two pages from the mongrel website on [http://mongrel.rubyforge.org/wiki/Apache Apache Best Practice Deployment] and [http://mongrel.rubyforge.org/docs/mongrel_cluster.html Using Mongrel Cluster] are pretty good how-tos for mongrel. But we will also take you through it here, with specific directions and Umlaut recommendations and pit-falls we ran into.<br />
<br />
Alternatively, based on Ross Singer's recommendation, scotdalton is using [thin|http://code.macournoyer.com/thin/] and Apache at NYU. The setup is almost identical to mongrel and is detailed at [Umlaut Deployment with Thin and Apache]<br />
<br />
== Quick start 'wizard' ==<br />
<br />
New! A Rails generator to set up config files for you, and make deployment with mongrel cluster and apache much easier. <br />
<br />
=== Prerequisites ===<br />
<br />
* Install 'mongrel' and 'mongrel_cluster' gems. <br />
* Apache needs mod_proxy and mod_proxy_balancer (which means it needs to be apache >2.2 I think, and have those modules turned on). <br />
* You need to have access to an apache conf file to add some statements to hook your mongrel cluster up to the web.<br />
<br />
=== To run ===<br />
<br />
You can simply run ./script/generate mongrel_deploy_files to generate config files for an Umlaut mongrel cluster deployment. This makes some assumptions, detailed below--to change all of these options, run ./script/generate mongrel_deploy_files --help to see command line arguments, if you aren't happy with these defaults. <br />
<br />
You can run this command at any time. It will interactively prompt you if you want to overwrite your existing files, and give you a diff. (Or you can say --force to force overwriting of existing files). You can also run ./script/destroy mongrel_deploy_files to remove anything created by the generator. <br />
<br />
This process will add two files in umlaut_config/deploy, and one file in $UMLAUT/script/local/. Next, you need to hook up apache, and start your mongrels.<br />
<br />
=== default assumptions ===<br />
<br />
Several mongrel processes are being configured. By default, this is four mongrel processes on internal ports beginning at port 4001. Both of these things can be changed. <br />
<br />
By default these mongrel processes will be run as unix user 'umlaut', group 'umlaut'. So either create such a user or group, or add arguments to choose other user/group. <br />
<br />
By default the generator assumes that you are going to be deploying at 'document root' (/) in a particular apache (virtual) host. If you'd like to instead install at a sub-path, use the --prefix argument. <br />
<br />
=== Hook up apache === <br />
<br />
A file was created for you in umlaut_config/deploy/umlaut_http.conf. You need to edit your apache conf file to "Include" this umlaut_http.conf in the virtual host of your choice (or main host). You need to set up the virtual host yourself, if you want one. Then simply "Include /path/to/umlaut/config/umlaut_config/deploy/umlaut_http.conf". <br />
<br />
=== Start mongrels ===<br />
<br />
Apache is now pointing to a balanced cluster of mongrels on the ports specified by the generator, from the path specified by the generator. But those mongrels aren't running yet. You need to start them. You can do this by running:<br />
<br />
<pre><br />
sudo mongrel_rails cluster::start -C /path/to/umlaut/config/umlaut_config/deploy/mongrel_cluster.yml<br />
</pre><br />
<br />
Or, for convenience, the generator installed a little bash script to do this all for you:<br />
<br />
<pre><br />
$UMLAUT/script/local/my_mongrel_ctl (start|stop|restart|status)<br />
</pre><br />
<br />
You can set things up to auto-start your mongrels on boot, see:<br />
[http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup]<br />
<br />
== The details: Umlaut Deployment with Mongrel and Apache ==<br />
<br />
There are basically two parts to getting Umlaut (or any Rails app) deployed in this setup. First is getting your Rails app running, and second is configuring Apache to connect to it properly.<br />
<br />
There are a few decisions to make. Run just one instance of Umlaut, or run multiple load balancing instances? Because of the nature of the way Umlaut works, we strongly recommend running multiple Umlaut instances regardless of how little traffic you expect. Even in a low-traffic environment, the fact that Umlaut can take several seconds to respond to a request means that multiple instances are a good idea to keep Umlaut from seeming even slower than it is. We're completely guessing, but 3 is probably a pretty good number for just about any Umlaut site, from low to high traffic.<br />
<br />
Also think about whether you what unix account you want to run Umlaut (recommended to create a special low-priv account). And whether your Umlaut URLs can be the base urls for a host (Ie, findit.library.jhu.edu points directly to umlaut), or whether you use a 'prefix' (ie, findit.library.jhu.edu/some/path/findit). Using apache virtual hosts and mounting Umlaut at the base is typical, but the prefix can work too.<br />
<br />
=== Setting up mongrel_cluster ===<br />
<br />
First you've got to install mongrel and mongrel_cluster:<br />
<br />
<br />
:sudo gem install mongrel<br />
<br />
:sudo gem install mongrel_cluster<br />
<br />
'''Reccommend you make sure you have mongrel >= 1.1.4 and mongrel_cluster >= 1.0.5. Recommend you do NOT have previous versions installed. When I had mongrel_cluster 1.0.3 simultaneously installed, it was being used, even though it shouldn't be, and its bugs were effecting me'''<br />
<br />
<br />
The point of mongrel_cluster is to save configuration information for multiple mongrel instances in one configuration file, and then you can start, stop, or restart them all with one command, and without having to remember that config information each time (and possibly get it wrong or typod).<br />
<br />
By default, mongrel_cluster keeps that configuration file in a Rails app's config/mongrel_cluster.yml. You could do that with Umlaut, but we like to keep your local config files in $Umlaut/config/umlaut_config instead (see [[Umlaut Local Configuration Architecture]]), so we recommend putting it in $Umlaut/config/umlaut_config. You can use the mongrel_rails command to write this config for you (see [http://mongrel.rubyforge.org/wiki/MongrelCluster Using Mongrel Cluster]; make sure to use the -C argument to put the config file in umlaut_config, if that's what you want), but here we'll just give you our actual mongrel_cluster.yml config, annotated. (You are certainly allowed to write it by hand).<br />
<br />
<pre><br />
<br />
# Unix account to run your processes as:\\<br />
user: umlaut <br />
<br />
#Unix group to run processes as:<br />
group: umlaut <br />
<br />
# Install dir of Umlaut you want to run from:<br />
cwd: /data/web/findit/Umlaut <br />
log_file: log/mongrel.log # Leave like this. <br />
<br />
# Start port for your instances. Any high port will do. Does NOT need need<br />
# to be open through firewall externally. <br />
port: 8000 <br />
environment: production # Leave like this<br />
address: 127.0.0.1 # Leave like this <br />
pid_file: tmp/pids/mongrel.pid # Leave like this<br />
<br />
# How many instances to run. port: 8000 with servers:3 means you'll<br />
# have a server on 8000, 8001, and 8002. <br />
servers: 3<br />
<br />
# Only if you want to start at web path other than base / :<br />
prefix: /findit # for instance. Start with slash, and don't end with one.<br />
<br />
</pre><br />
<br />
Now you can start all three of these mongrel instances by executing:<br />
<br />
:sudo mongrel_rails cluster::start -C $Umlaut/config/umlaut_config/mongrel_rails<br />
<br />
The 'sudo' is necessary because we've told mongrel_cluster to start apps as user 'umlaut' ; first need to be root before you can start a process as another user. Also cluster::stop, cluster::restart, and cluster::status<br />
<br />
We're still not sure exactly how many mongrels are neccesary to handle a given sized umlaut installation. <br />
<br />
:See below to automate the startup of these processes on boot.<br />
<br />
If you are choosing to start as a particular unix account, make sure your install dir can be read by that account! log and tmp dirs need to be writeable too. Easiest thing to do is just "sudo chgrp -R umlaut", or whatever other group you are choosing, your entire $Umlaut installation. Note that the parent directory (and all of it's parents) needs to have "x" permission for the user/group too.<br />
<br />
=== Apache Setup ===<br />
<br />
Now we set up apache using mod_proxy to 'reverse proxy' to our mongrel instances, with clustered load balancing. Make sure you have mod_proxy and mod_proxy_balancer installed and configured. Now, in your apache conf, proably in the specific virtual host you want to use for Umlaut:<br />
<br />
<pre><br />
# Very important, make sure you aren't inadvertantly making an open proxy with mod_proxy<br />
ProxyRequests off <br />
<br />
# Set up the mod_proxy blanacer, with our three instances running on 8000-8002<br />
# Note: Do not put trailing / on these<br />
<Proxy balancer://umlaut_cluster><br />
BalancerMember http://127.0.0.1:8000<br />
BalancerMember http://127.0.0.1:8001<br />
BalancerMember http://127.0.0.1:8002<br />
</Proxy><br />
<br />
# Set up ProxyPass directive to reverse proxy to SFX for handling SFX journal subscription cgi posts<br />
# This should come before the cluster ProxyPass directive.<br />
ProxyPass /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
ProxyPassReverse /resolve/cgi/core/journal_subscription.cgi http://your.sfx.host.edu:port/your_instance/cgi/core/journal_subscription.cgi<br />
<br />
# Now set up the ProxyPass directives to reverse proxy to that cluster<br />
# Note: DO put trailing / on these.<br />
<br />
ProxyPass / balancer://umlaut_cluster/ <br />
ProxyPassReverse / balancer://umlaut_cluster/ <br />
ProxyPreserveHost on<br />
<br />
# Or, if you were using a prefix, these would look like, eg:<br />
# ProxyPass /findit balancer://umlaut_cluster/findit/<br />
# ProxyPassReverse /findit balancer://umlaut_cluster/findit/<br />
</pre><br />
<br />
====SSL/https====<br />
<br />
If you are setting up apache to allow https requests, it should still proxy to an http mongrel as above, because mongrel doesn't speak http. However, you should include this line in the relevant SSL virtual host, to set the request header to let the Rails app know it's fronted by ssl:<br />
<br />
RequestHeader set X_FORWARDED_PROTO 'https'<br />
<br />
=== Dealing with bad query strings: More Apache Setup ===<br />
<br />
Mongrel refuses to accept a mal-formed query string. EBSCOHost, however, insists on sending such---for example, query strings with unescaped greater-than or less-than chars in them. We want to take care of this by putting directives in the apache config to rewrite these bad urls into proper escaped urls. The apache mod_redirect external map function is most convenient to use here, and a program to serve as an external map is included with umlaut. The following apache directives will take care of rewriting bad URLs. As always, $Umlaut stands for your Umlaut install dir.<br />
<br />
<pre><br />
# We want to re-write URLs with 'bad' < and > chars in the query<br />
# string (eg from EBSCO) to escape them.<br />
RewriteEngine on<br />
RewriteMap query_escape prg:$umlaut/distribution/script/rewrite_map.pl<br />
RewriteLock /var/lock/subsys/apache.rewrite.lock<br />
RewriteCond %{query_string} ^(.*[\>\<].*)$<br />
RewriteRule ^(.*)$ $1?${query_escape:%1} [R,L,NE]<br />
</pre><br />
<br />
Note: Due to a bug in Apache, ampersand chars in query string end up 'double escaped' when put through the map. We have code in a before filter in application_controller to take care of this.<br />
<br />
=== Start at Boot? ===<br />
<br />
Follow the directions at [http://mongrel.rubyforge.org/wiki/MongrelCluster#OnBootInitializationSetup Using Mongrel Cluster], which are basically:<br />
<br />
<pre><br />
sudo mkdir /etc/mongrel_cluster<br />
sudo ln -s $UMLAUT/config/umlaut_config/mongrel_cluster.yml /etc/mongrel_cluster/umlaut.yml<br />
sudo cp /path/to/mongrel_cluster_gem/resources/mongrel_cluster /etc/init.d/<br />
sudo chmod +x /etc/init.d/mongrel_cluster</pre><br />
<br />
Now your cluster will start at boot, and you can also start, stop, or restart it (and any other clusters you link into /etc/mongrel_cluster) with:<br />
<br />
<pre><br />
sudo /etc/init.d/mongrel_cluster {start|stop|restart}<br />
</pre><br />
<br />
<br />
====NOTE/WARNING==== <br />
There is a problem in mongrel_cluster that will prevent mongrels from starting up again if your machine (or mongrels) die ungracefully leaving stale pids. See http://www.ruby-forum.com/topic/105849 <br />
<br />
My better fix: Edit the /etc/init.d/mongrel_cluster bash script you installed above. Change line:<br />
<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR<br />
</pre><br />
<br />
to:<br />
<pre><br />
mongrel_cluster_ctl start -c $CONF_DIR --clean<br />
</pre><br />
<br />
Note the addition of the --clean argument.<br />
<br />
I know this works with mongrel 1.1.4 and mongrel_cluster 1.0.5. An earlier mongrel_cluster did not respect the --clean argument properly--and I found that having a simultaenous install of the earlier mongrel_cluster for some reason caused it to be used instead of the later one. gem isn't supposed to work that way. But best make sure you have no mongrel_clusters earlier than 1.0.5 installed.<br />
<br />
== SFX Configuration ==<br />
<br />
=== Institute Feature ===<br />
<br />
This only matters if you use the SFX institute feature. Umlaut sends a req.ip=[client ip] param, which SFX is supposed to use to treat the request as if it came from that IP, not umlaut's ip. That works if the req.ip matches an SFX institute. But if it does not match any institute, you want SFX to treat the request as if it did not match any institute. Instead it consults the actual umlaut server IP and connects THAT to an institute. This is bad. <br />
<br />
As a work around, define an institute in SFX that is listed first alphabetically (eg, "aaa_umlaut_server") that matches the Umlaut server's IP address(es). Now if req.ip doesn't match anything, SFX will decide the request matches "aaa_umlaut_server" institute--which won't effect anything, will be treated just like a non-local address--instead of matching on umlaut server address which might match a wrong institute. <br />
<br />
This bug has been reported to Ex Libris.</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6890Auth Module2011-01-20T21:51:04Z<p>Scotdalton: /* Not logged in, no request */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
No request button because generally patrons can't request available items.<br />
<br />
[[Image:Umlaut_no_request.png]]<br />
<br />
===== Logged in, request =====<br />
Now the request button appears because I have permission to request available items.<br />
[[Image:Umlaut_request.png]]<br />
<br />
===== Pretty jQuery modal dialog =====<br />
You get the modal dialog upon clicking the request button<br />
[[Image:Umlaut_request_modal.png]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6889Auth Module2011-01-20T21:50:19Z<p>Scotdalton: /* Logged in, request */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
[[Image:Umlaut_no_request.png]]<br />
<br />
===== Logged in, request =====<br />
Now the request button appears because I have permission to request available items.<br />
[[Image:Umlaut_request.png]]<br />
<br />
===== Pretty jQuery modal dialog =====<br />
You get the modal dialog upon clicking the request button<br />
[[Image:Umlaut_request_modal.png]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6888Auth Module2011-01-20T21:49:41Z<p>Scotdalton: /* Pretty jQuery modal dialog */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
[[Image:Umlaut_no_request.png]]<br />
<br />
===== Logged in, request =====<br />
[[Image:Umlaut_request.png]]<br />
<br />
===== Pretty jQuery modal dialog =====<br />
You get the modal dialog upon clicking the request button<br />
[[Image:Umlaut_request_modal.png]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6887Auth Module2011-01-20T21:49:19Z<p>Scotdalton: /* Pretty jQuery modal dialog */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
[[Image:Umlaut_no_request.png]]<br />
<br />
===== Logged in, request =====<br />
[[Image:Umlaut_request.png]]<br />
<br />
===== Pretty jQuery modal dialog =====<br />
You see this screen upon clicking the request button<br />
[[Image:Umlaut_request_modal.png]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6886Auth Module2011-01-20T21:43:57Z<p>Scotdalton: /* Screenshots of Request Functionality */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
[[Image:Umlaut_no_request.png]]<br />
<br />
===== Logged in, request =====<br />
[[Image:Umlaut_request.png]]<br />
<br />
===== Pretty jQuery modal dialog =====<br />
[[Image:Umlaut_request_modal.png]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=File:Umlaut_request_modal.png&diff=6885File:Umlaut request modal.png2011-01-20T21:43:09Z<p>Scotdalton: </p>
<hr />
<div></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=File:Umlaut_request.png&diff=6884File:Umlaut request.png2011-01-20T21:42:53Z<p>Scotdalton: </p>
<hr />
<div></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=File:Umlaut_no_request.png&diff=6883File:Umlaut no request.png2011-01-20T21:42:33Z<p>Scotdalton: </p>
<hr />
<div></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6882Auth Module2011-01-20T21:41:52Z<p>Scotdalton: /* Screenshots of Request Functionality */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
<br />
===== Logged in, request =====<br />
<br />
===== Pretty jQuery modal dialog =====</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6881Auth Module2011-01-20T21:41:31Z<p>Scotdalton: /* Not logged in, no request = */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request =====<br />
<br />
===== Logged in, request ======<br />
<br />
===== Pretty jQuery modal dialog ======</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6880Auth Module2011-01-20T21:41:17Z<p>Scotdalton: /* Configuring Local Auth Modules */</p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
<br />
At NYU we're currently using the Auth module in our holdings table to offer request functionality based on "patron status". We display a request button, if the patron has the appropriate status to be able to request/page items and use a custom controller to provide this functionality seamlessly. Screenshots of this functionality can be seen below.<br />
<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre><br />
==== Screenshots of Request Functionality ====<br />
===== Not logged in, no request ======<br />
<br />
===== Logged in, request ======<br />
<br />
===== Pretty jQuery modal dialog ======</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6879Auth Module2011-01-20T20:41:09Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6878Auth Module2011-01-20T20:40:39Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6877Auth Module2011-01-20T20:40:22Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Name]]<br />
== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6876Auth Module2011-01-20T20:33:27Z<p>Scotdalton: /* Auth Module (Developer Notes) */</p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
Currently the Auth module requires existing Umlaut users to install the authlogic gem and perform a rails migration to update the user model to work with authlogic and the auth module. After these two steps have been taken, the auth module should only take effect if a particular instance has defined a auth module in their local config.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6875Auth Module2011-01-20T20:05:59Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS.<br />
# Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in <br />
# many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps <br />
# and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6873Auth Module2011-01-20T19:18:51Z<p>Scotdalton: /* Auth Module (Developer Notes) */</p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on a logged in user's attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS. Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6872Auth Module2011-01-20T19:18:06Z<p>Scotdalton: /* lib/auth/local/auth_pds.rb */</p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on user attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# '''login_url''' - provides PDS login URL to redirect to<br />
# '''after_login''' - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# '''logout_url''' - provides PDS logout URL<br />
# '''after_logout''' - destroys some cookies that were stored to improve performance<br />
# '''on_every_request''' - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS. Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6871Auth Module2011-01-20T19:17:20Z<p>Scotdalton: Updated with changes for latest version</p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on user attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance. By default, data expires after 1 week.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# login_url - provides PDS login URL to redirect to<br />
# after_login - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# logout_url - provides PDS logout URL<br />
# after_logout - destroys some cookies that were stored to improve performance<br />
# on_every_request - checks if the user has logged in (e.g. from another PDS SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.<br />
<pre><br />
config.app_config.login = {<br />
# File name<br />
:id => "auth_pds",<br />
# Class name<br />
:module => :AuthPDS,<br />
:options => {<br />
# Make expiration date configurable<br />
:expiration_date => lambda {return 1.week.ago},<br />
# OpenSSO URL, specific to NYU's implementation of PDS. Could easily be removed to make the local PDS module more generic.<br />
:opensso_path => "https://login.nyu.edu:443/sso",<br />
# PDS URL<br />
:pds_url => "https://pds.library.institution.edu:443/",<br />
# System name since the module is used in many different contexts and different apps<br />
:system_name => :umlaut,<br />
# Cookie name that is used to help with performance since the module is used in many different contexts and different apps<br />
:cookie_name => :nyulibrary_opensso_umlaut,<br />
:additional_user_attributes => lambda do |user_session|<br />
h = {}<br />
# NYU is using this module for several of our ruby apps and this mechanism allows us to include different user attributes per system.<br />
# It's included here to give an idea of the flexibility of the module.<br />
return h<br />
end<br />
}<br />
}<br />
</pre></div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6870Auth Module2011-01-20T19:05:49Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on user attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
==== lib/auth/local/auth_pds.rb ====<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# login_url - provides PDS login URL to redirect to<br />
# after_login - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# logout_url - provides PDS logout URL<br />
# after_logout - destroys some cookies that were stored to improve performance<br />
# on_every_request - checks if the user has logged in (e.g. from another SSO system)<br />
<br />
==== config/umlaut_config/environment.rb ====<br />
The auth configuration settings are added to the local environment.rb to establish the appropriate class to mix in and to pass various options to the module.</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6869Auth Module2011-01-20T18:41:16Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].'<br />
<br />
The idea is to allow services to be customized based on user attributes.<br />
Some examples could be: <br />
* Store a user's mobile phone number or email address to default the txt/email values for those services.<br />
* Provide extended request or paging functionality that is only available to a subset of patrons.<br />
* Allow faculty members to place items on reserve from the Umlaut screen.<br />
<br />
=== Umlaut Files Added or Updated ===<br />
Several core Umlaut files were added and updated in order to support the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
The '''ActsAsAuthentic''' module extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
The '''Session''' module establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
The module also has two private methods for use in extended local classes.<br />
# '''validate_url''' - generates the return url to send to external logins services<br />
# '''session_user''' - facilitates saving user attributes to the user model<br />
<br />
== Configuring Local Auth Modules ==<br />
<br />
=== Auth Module Example ===<br />
AuthPDS was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* lib/auth/local/auth_pds.rb<br />
The AuthPDS module gets mixed in with the Session module to log in via PDS (customized for NYU). It implements the following callback functions:<br />
# login_url - provides PDS login URL to redirect to<br />
# after_login - checks authorization, stores some cookies to improve performance, saves some user data when appropriate<br />
# logout_url - provides PDS logout URL<br />
# after_logout - destroys some cookies that were stored to improve performance<br />
# on_every_request - checks if the user has logged in (e.g. from another SSO system)</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6867Auth Module2011-01-20T18:10:18Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. <br />
==== lib/auth/acts_as_authentic.rb ====<br />
'''ActsAsAuthentic''' extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
'''Session''' establishes the Auth module callback functions and can serve as a template for further localizations.<br />
Callback functions to be overridden locally as appropriate:<br />
# '''before_login''' - called when a new user session is being established, before the actual login is called<br />
# '''login_url''' - called if before_login isn't defined or returns false, convenience method for redirecting to an external login url<br />
# '''after_login''' - called after login user has been validated, provides mechanism for authorization<br />
# '''before_logout''' - called before current user session is destroyed<br />
# '''after_logout''' - called after current user session is destroyed<br />
# '''on_every_request''' - called on every request<br />
<br />
It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6866Auth Module2011-01-20T17:54:50Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== lib/auth/acts_as_authentic.rb ====<br />
'''ActsAsAuthentic''' extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via refreshed_at date), and handle user attributes hash.<br />
==== lib/auth/session.rb ====<br />
'''Session''' establishes the following callback functions:<br />
# '''before_login'''<br />
# '''after_login'''<br />
# '''before_logout'''<br />
# '''after_logout'''<br />
# '''on_every_request''' <br />
Also establishes two public methods for setting external login and logout urls.<br />
# '''login_url'''<br />
# '''logout_url''' The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6865Auth Module2011-01-20T17:49:27Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
==== app/models/user_sessions.rb ====<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user.rb ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new.html.rb ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit.html.rb ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6864Auth Module2011-01-20T17:48:19Z<p>Scotdalton: </p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
app/models/user_sessions<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"<br />
</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6862Auth Module2011-01-20T17:39:22Z<p>Scotdalton: Updating for most recent version.</p>
<hr />
<div>== Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The '''ApplicationController''' filters passwords and provides two methods for accessing the current user session and the current user. <br />
# '''current_user_session''' (aliased as has_logged_in_user) - returns nil if no user session has been established<br />
# '''current_user''' (aliased as logged_in_user) - returns either nil or the current logged in user<br />
The application calls '''current_user_session''' as a before filter on every request.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The '''UserSessionsController''' manages the routing of user session requests and provides three methods.<br />
# '''new''' - renders the login screen or redirects to external login screen<br />
# '''validate''' - validates the user upon login<br />
# '''destroy''' - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The '''UsersController''' manages the routing of user related requests and provides two methods.<br />
# '''edit''' (also called from show) - renders the user preferences screen<br />
# '''update''' - processes updates to user preferences (not yet implemented)<br />
app/models/user_sessions<br />
'''UserSessions''' extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
'''User''' serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen, doesn't currently do anything.<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like (not yet implemented)<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone, user attributes and a refreshed_at date to track age of a particular record for better performance.<br />
==== lib/service.rb ====<br />
Make the user accessible from a particular user via the session_user method.<br />
<pre><br />
# Returns the currently logged in user, if available, based on the user_credentials_id in the <br />
# session from AuthLogic. May want to make this more sophisticated and check user_credentials<br />
# against db.<br />
def session_user<br />
return User.find(session["user_credentials_id"]) unless session["user_credentials_id"].nil?<br />
end<br />
</pre><br />
<br />
=== Auth Module ===<br />
The following files makeup the Auth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6859Auth Module2011-01-20T16:23:02Z<p>Scotdalton: UmlautAuth Module moved to Auth Module: Properly reflect name of the module.</p>
<hr />
<div>== Umlaut Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=UmlautAuth_Module&diff=6860UmlautAuth Module2011-01-20T16:23:02Z<p>Scotdalton: UmlautAuth Module moved to Auth Module: Properly reflect name of the module.</p>
<hr />
<div>#REDIRECT [[Auth Module]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=6858Auth Module2011-01-20T16:22:16Z<p>Scotdalton: </p>
<hr />
<div>== Umlaut Auth Module (Developer Notes) ==<br />
The Auth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and included in the lib directory based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the Auth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=3304Auth Module2009-10-19T19:22:11Z<p>Scotdalton: /* Generating Local UmlautAuth Plugins */</p>
<hr />
<div>== UmlautAuth Module (Developer Notes) ==<br />
The UmlautAuth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and configured as a plugin based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the UmlautAuth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #default => true doesn't do anything yet</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Notes_for_a_User/Auth_architecture&diff=3303Notes for a User/Auth architecture2009-10-19T19:19:48Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
'''[[UmlautAuth Module]]''': Developer notes and documentation.<br />
<br />
One question, do you guys need to handle IP-address recognition too? I have some cases where I need to make something available to a logged in user _or_ a user from a recognized IP, etc. But I haven't quite worked through how to support that architecturally. So if you guys dont' need it yet, we'll just ignore it for now. :)<br />
<br />
<br />
1. USER MODEL<br />
<br />
So there will be a User model in the database. (There's one there now, but it's not being used for anything. Take it over to make it what we want). It'll have a unique account name (with unique index), support a few standard attributes (firstname, lastname, email, maybe even cell number for your txt messaging stuff), and also support an arbitrary hash of key/values, the UserAttributes you were talking about. it might make sense to have some abstract notion of 'group membership' built in standard, not just in the arbitrary hash, since this is such a common pattern, but not sure how to do that.<br />
<br />
(That arbitrary hash of UserValues could be implemented in a normal rdbms normalized way -- or could just be a hash serialized to a single column. Rails supports the latter easily. Not sure what is best -- normalized would allow you to query on it, the serialized hash would actually be more efficient in the app, and easier to work with. Serialized hash also easily allows the values to be arrays or other complex data types. I think I lean toward serialized hash.)<br />
<br />
Everyone will use this model, no need for a custom sub-class. This makes inter-operability with existing plugins easier. Shareable code can assume more or less what a User object will look like.<br />
<br />
A logged in user is represented simply by the user pk ID in the session. (This is the Rails best way to do it).<br />
<br />
Umlaut will provide some methods for interacting with logged in user and with users in general:<br />
<br />
a) hasLoggedInUser ( is there a pk in the session? )<br />
b) loggedInUser (lazy load user from pk in session, return nil if none exists)<br />
c) setLoggedInUser( user ) <br />
d) logoutUser()<br />
<br />
Those are probably all methods in the Application controller. hasLoggedInUser and loggedInUser at least obviously also need to be exposed as helper methods.<br />
<br />
One trick is that actual Service code,since it's running in a seperate thread, doesn't have straightforward access to the session. However, I anticipated this, and a couple months ago added in a way for Service threads to access the session. So there probably needs to be hasLoggedInUser and loggedInUser methods in the Service super-class that use the special method of session access.<br />
<br />
<br />
2. AUTH PROCESS<br />
<br />
This is based on what David Walker just did in Xerxes, after thinking it all through. The idea is that there's kind of a 'plugin' architecture for Auth modules. Of course 'plugin architecture' in Rails just means a class with certain expected methods.<br />
<br />
The methods that an Auth plugin can implement, that will be called by Umlaut at appropriate times are:<br />
* onEveryRequest() => a method that will be called in a before_filter on _every_ Umlaut request, to give an auth module the opportunity to check an SSO system for an already logged in user or logged out user, etc. <br />
* beforeLogin() => a call back<br />
* loginScreen() => a call back that returns a hash that Umlaut will pass to render() to render a login page in the Umlaut app, if neccesary. Or it can be a hash that redirects to some external login app.<br />
* afterLogin() => If a local login screen is rendered, it submits to this action. This action can also be used as a 'callback' from an external login screen you redirect to.<br />
* logout() => callback that Umalut calls on logout<br />
<br />
All of these methods could be implemented or not by the Auth module.<br />
<br />
So you only need to implement actual custom auth stuff, Umlaut takes care of the control flow and bookkeeping. I can provide more details about how this would work, but we'll leave it out for now.<br />
<br />
You'd configure your auth module in an initializer -- actually auth module(s) cause it should be possible to have more than one available. Something like:<br />
<br />
config.login_modules = [<br />
{ :id => "shibboleth",<br />
:class => :ShibbolethAuth<br />
:default => true },<br />
{ :id => "horizon",<br />
:class => :HorizonAuth<br />
}<br />
]<br />
<br />
<br />
So that's a start. You with me so far? Heh.<br />
<br />
Actually, i'll stick all of this on the wiki, and mention it on the listserv.<br />
<br />
Jonathan</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Notes_for_a_User/Auth_architecture&diff=3302Notes for a User/Auth architecture2009-10-19T19:19:19Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
'''[[UmlautAuth Module]]'''<br />
<br />
One question, do you guys need to handle IP-address recognition too? I have some cases where I need to make something available to a logged in user _or_ a user from a recognized IP, etc. But I haven't quite worked through how to support that architecturally. So if you guys dont' need it yet, we'll just ignore it for now. :)<br />
<br />
<br />
1. USER MODEL<br />
<br />
So there will be a User model in the database. (There's one there now, but it's not being used for anything. Take it over to make it what we want). It'll have a unique account name (with unique index), support a few standard attributes (firstname, lastname, email, maybe even cell number for your txt messaging stuff), and also support an arbitrary hash of key/values, the UserAttributes you were talking about. it might make sense to have some abstract notion of 'group membership' built in standard, not just in the arbitrary hash, since this is such a common pattern, but not sure how to do that.<br />
<br />
(That arbitrary hash of UserValues could be implemented in a normal rdbms normalized way -- or could just be a hash serialized to a single column. Rails supports the latter easily. Not sure what is best -- normalized would allow you to query on it, the serialized hash would actually be more efficient in the app, and easier to work with. Serialized hash also easily allows the values to be arrays or other complex data types. I think I lean toward serialized hash.)<br />
<br />
Everyone will use this model, no need for a custom sub-class. This makes inter-operability with existing plugins easier. Shareable code can assume more or less what a User object will look like.<br />
<br />
A logged in user is represented simply by the user pk ID in the session. (This is the Rails best way to do it).<br />
<br />
Umlaut will provide some methods for interacting with logged in user and with users in general:<br />
<br />
a) hasLoggedInUser ( is there a pk in the session? )<br />
b) loggedInUser (lazy load user from pk in session, return nil if none exists)<br />
c) setLoggedInUser( user ) <br />
d) logoutUser()<br />
<br />
Those are probably all methods in the Application controller. hasLoggedInUser and loggedInUser at least obviously also need to be exposed as helper methods.<br />
<br />
One trick is that actual Service code,since it's running in a seperate thread, doesn't have straightforward access to the session. However, I anticipated this, and a couple months ago added in a way for Service threads to access the session. So there probably needs to be hasLoggedInUser and loggedInUser methods in the Service super-class that use the special method of session access.<br />
<br />
<br />
2. AUTH PROCESS<br />
<br />
This is based on what David Walker just did in Xerxes, after thinking it all through. The idea is that there's kind of a 'plugin' architecture for Auth modules. Of course 'plugin architecture' in Rails just means a class with certain expected methods.<br />
<br />
The methods that an Auth plugin can implement, that will be called by Umlaut at appropriate times are:<br />
* onEveryRequest() => a method that will be called in a before_filter on _every_ Umlaut request, to give an auth module the opportunity to check an SSO system for an already logged in user or logged out user, etc. <br />
* beforeLogin() => a call back<br />
* loginScreen() => a call back that returns a hash that Umlaut will pass to render() to render a login page in the Umlaut app, if neccesary. Or it can be a hash that redirects to some external login app.<br />
* afterLogin() => If a local login screen is rendered, it submits to this action. This action can also be used as a 'callback' from an external login screen you redirect to.<br />
* logout() => callback that Umalut calls on logout<br />
<br />
All of these methods could be implemented or not by the Auth module.<br />
<br />
So you only need to implement actual custom auth stuff, Umlaut takes care of the control flow and bookkeeping. I can provide more details about how this would work, but we'll leave it out for now.<br />
<br />
You'd configure your auth module in an initializer -- actually auth module(s) cause it should be possible to have more than one available. Something like:<br />
<br />
config.login_modules = [<br />
{ :id => "shibboleth",<br />
:class => :ShibbolethAuth<br />
:default => true },<br />
{ :id => "horizon",<br />
:class => :HorizonAuth<br />
}<br />
]<br />
<br />
<br />
So that's a start. You with me so far? Heh.<br />
<br />
Actually, i'll stick all of this on the wiki, and mention it on the listserv.<br />
<br />
Jonathan</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Notes_for_a_User/Auth_architecture&diff=3301Notes for a User/Auth architecture2009-10-19T19:18:48Z<p>Scotdalton: </p>
<hr />
<div>[[Category:Umlaut]]<br />
<br />
==[[UmlautAuth Module]] ==<br />
<br />
<br />
One question, do you guys need to handle IP-address recognition too? I have some cases where I need to make something available to a logged in user _or_ a user from a recognized IP, etc. But I haven't quite worked through how to support that architecturally. So if you guys dont' need it yet, we'll just ignore it for now. :)<br />
<br />
<br />
1. USER MODEL<br />
<br />
So there will be a User model in the database. (There's one there now, but it's not being used for anything. Take it over to make it what we want). It'll have a unique account name (with unique index), support a few standard attributes (firstname, lastname, email, maybe even cell number for your txt messaging stuff), and also support an arbitrary hash of key/values, the UserAttributes you were talking about. it might make sense to have some abstract notion of 'group membership' built in standard, not just in the arbitrary hash, since this is such a common pattern, but not sure how to do that.<br />
<br />
(That arbitrary hash of UserValues could be implemented in a normal rdbms normalized way -- or could just be a hash serialized to a single column. Rails supports the latter easily. Not sure what is best -- normalized would allow you to query on it, the serialized hash would actually be more efficient in the app, and easier to work with. Serialized hash also easily allows the values to be arrays or other complex data types. I think I lean toward serialized hash.)<br />
<br />
Everyone will use this model, no need for a custom sub-class. This makes inter-operability with existing plugins easier. Shareable code can assume more or less what a User object will look like.<br />
<br />
A logged in user is represented simply by the user pk ID in the session. (This is the Rails best way to do it).<br />
<br />
Umlaut will provide some methods for interacting with logged in user and with users in general:<br />
<br />
a) hasLoggedInUser ( is there a pk in the session? )<br />
b) loggedInUser (lazy load user from pk in session, return nil if none exists)<br />
c) setLoggedInUser( user ) <br />
d) logoutUser()<br />
<br />
Those are probably all methods in the Application controller. hasLoggedInUser and loggedInUser at least obviously also need to be exposed as helper methods.<br />
<br />
One trick is that actual Service code,since it's running in a seperate thread, doesn't have straightforward access to the session. However, I anticipated this, and a couple months ago added in a way for Service threads to access the session. So there probably needs to be hasLoggedInUser and loggedInUser methods in the Service super-class that use the special method of session access.<br />
<br />
<br />
2. AUTH PROCESS<br />
<br />
This is based on what David Walker just did in Xerxes, after thinking it all through. The idea is that there's kind of a 'plugin' architecture for Auth modules. Of course 'plugin architecture' in Rails just means a class with certain expected methods.<br />
<br />
The methods that an Auth plugin can implement, that will be called by Umlaut at appropriate times are:<br />
* onEveryRequest() => a method that will be called in a before_filter on _every_ Umlaut request, to give an auth module the opportunity to check an SSO system for an already logged in user or logged out user, etc. <br />
* beforeLogin() => a call back<br />
* loginScreen() => a call back that returns a hash that Umlaut will pass to render() to render a login page in the Umlaut app, if neccesary. Or it can be a hash that redirects to some external login app.<br />
* afterLogin() => If a local login screen is rendered, it submits to this action. This action can also be used as a 'callback' from an external login screen you redirect to.<br />
* logout() => callback that Umalut calls on logout<br />
<br />
All of these methods could be implemented or not by the Auth module.<br />
<br />
So you only need to implement actual custom auth stuff, Umlaut takes care of the control flow and bookkeeping. I can provide more details about how this would work, but we'll leave it out for now.<br />
<br />
You'd configure your auth module in an initializer -- actually auth module(s) cause it should be possible to have more than one available. Something like:<br />
<br />
config.login_modules = [<br />
{ :id => "shibboleth",<br />
:class => :ShibbolethAuth<br />
:default => true },<br />
{ :id => "horizon",<br />
:class => :HorizonAuth<br />
}<br />
]<br />
<br />
<br />
So that's a start. You with me so far? Heh.<br />
<br />
Actually, i'll stick all of this on the wiki, and mention it on the listserv.<br />
<br />
Jonathan</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=3299Auth Module2009-10-19T19:17:40Z<p>Scotdalton: UmlautAuth Module and Plugin Architecture moved to UmlautAuth Module: The initial name is not indicative of content.</p>
<hr />
<div>== UmlautAuth Module (Developer Notes) ==<br />
The UmlautAuth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and configured as a plugin based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the UmlautAuth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #(the default => true doesn't do anything yet.)</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=UmlautAuth_Module_and_Plugin_Architecture&diff=3300UmlautAuth Module and Plugin Architecture2009-10-19T19:17:40Z<p>Scotdalton: UmlautAuth Module and Plugin Architecture moved to UmlautAuth Module: The initial name is not indicative of content.</p>
<hr />
<div>#REDIRECT [[UmlautAuth Module]]</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=3298Auth Module2009-10-19T19:16:42Z<p>Scotdalton: /* UmlautAuth Plugin */</p>
<hr />
<div>== UmlautAuth Module (Developer Notes) ==<br />
The UmlautAuth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and configured as a plugin based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the UmlautAuth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
==== vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb ====<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
==== vendor/plugins/umlaut_auth/lib/session.rb ====<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
==== vendor/plugins/umlaut_auth/umlaut_auth.rb ====<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
==== vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb ====<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #(the default => true doesn't do anything yet.)</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=3297Auth Module2009-10-19T19:16:03Z<p>Scotdalton: /* Core Umlaut Files Added or Updated */</p>
<hr />
<div>== UmlautAuth Module (Developer Notes) ==<br />
The UmlautAuth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and configured as a plugin based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the UmlautAuth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
==== config/routes.rb ====<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
==== db/schema.rb ====<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
* vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
* vendor/plugins/umlaut_auth/lib/session.rb<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
* vendor/plugins/umlaut_auth/umlaut_auth.rb<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
* vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #(the default => true doesn't do anything yet.)</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdaltonhttps://wiki.code4lib.org/index.php?title=Auth_Module&diff=3296Auth Module2009-10-19T19:15:33Z<p>Scotdalton: /* Core Umlaut Files Added or Updated */</p>
<hr />
<div>== UmlautAuth Module (Developer Notes) ==<br />
The UmlautAuth module extends functionality available from the [Authlogic|http://github.com/binarylogic/authlogic] (version 2.1.0) gem and configured as a plugin based on the [Authlogic OpenID add-on|http://github.com/binarylogic/authlogic_openid].<br />
<br />
=== Core Umlaut Files Added or Updated ===<br />
Several core Umlaut files were updated in order to develop the UmlautAuth module.<br />
==== app/controller/application.rb ====<br />
The application controller was updated to filter passwords and provide two methods for accessing the current user session and the current user. The method current_user_session (aliased as has_logged_in_user) returns nil if no user session has been established. The method current_user (aliased as logged_in_user) return either nil or the current logged in user.<br />
==== app/controllers/user_sessions_controller.rb ====<br />
The user sessions controller manages the routing of user session requests. Three methods are available:<br />
# new - renders the login screen or redirects to external login screen<br />
# validate - validates the user upon login<br />
# destroy - processes logout<br />
==== app/controllers/users_controller.rb ====<br />
The users controller manages the routing of user related requests. Two methods are available:<br />
# edit (also called from show) - renders the user preferences screen.<br />
# update - processes updates to user preferences.<br />
app/models/user_sessions<br />
Extends Authlogic::Session::Base<br />
==== app/models/user ====<br />
Serializes user_attributes and adds acts_as_authentic functionality to leverage the Authlogic gem. Also sets to_param to username rather than id for prettier urls.<br />
==== app/views/user_sessions/new ====<br />
The default login screen<br />
==== app/views/users/edit ====<br />
The default user preferences screen. Users can update mobile phone numbers and the like.<br />
==== config/environment.rb ====<br />
Added authlogic gem: <br />
<pre><br />
#require 'authlogic'<br />
config.gem 'authlogic', :version => "= 2.1.0"</pre><br />
* config/routes.rb<br />
Added url routes:<br />
<pre><br />
map.login "login", :controller => "user_sessions", :action => "new"<br />
map.logout "logout", :controller => "user_sessions", :action => "destroy"<br />
map.validate "validate", :controller => "user_sessions", :action => "validate"<br />
map.resources :user_sessions<br />
map.resources :users<br />
</pre><br />
* db/schema.rb<br />
Modified the user table to use with authlogic. Included column for mobile phone and user attributes.<br />
<br />
=== UmlautAuth Plugin ===<br />
The following files makeup the UmlautAuth module to extend the functionality of Authlogic for our purposes. They could probably be moved into the UserSession module, but may be useful as a template for further localization.<br />
* vendor/plugins/umlaut_auth/lib/acts_as_authentic.rb<br />
Extends the authlogic user model to ignore passwords, reset_persistence_token when the username changes, manage stale data (via expiration date), and handle user attributes hash.<br />
* vendor/plugins/umlaut_auth/lib/session.rb<br />
Establishes callback functions before_login, after_login, before_logout, after_logout, on_every_request as well as public methods login_url, logout_url for setting external login and logouts. The after_login callback is a bit of a hack since it only runs when the controller action is "validate." It also has private methods validate_url (for sending to external logins) and session_user (for setting the session_user attributes).<br />
* vendor/plugins/umlaut_auth/umlaut_auth.rb<br />
Loads the relevant auth modules from configuration. (Only tested with one auth module. Probably won't work yet for multiple auto modules.)<br />
* vendor/plugins/umlaut_auth/generators/umlaut_auth/umlaut_auth_generator.rb<br />
Uses the umlaut_auth template to create stubs for UmlautAuth localization.<br />
<br />
== Generating Local UmlautAuth Plugins ==<br />
The following steps will generate a stub module for populating for local Auth needs (assumes authlogic version 2.1.0 is installed and user table is up to date).<br />
# script/generate UmlautAuth YourModuleName<br />
# put your code in the generated stub methods in vendor/plugins/your_module_name/lib/your_module_name.rb<br />
# add the following to config/umlaut_config/environment.rb:<br />
<pre>config.app_config.login_modules = [{:id => "your_module_name", :module => :YourModuleName, :default => true }] #(the default => true doesn't do anything yet.)</pre><br />
<br />
=== UmlautAuth Plugin Example ===<br />
UmlautAuthOpenSSO was developed at NYU as an example of generating a plugin and populating the stub methods provided.<br />
* /vendor/plugins/umlaut_auth_open_sso</div>Scotdalton