Browse the Ruby on Rails Community.

You are here: Browse Railsplugins Open Id Authentication

Open Id Authentication

Provides a thin wrapper around the excellent ruby-openid gem from JanRan. Be sure to install that first:

gem install ruby-openid

To understand what OpenID is about and how it works, it helps to read the documentation for lib/openid/consumer.rb from that gem.

Prerequisites

OpenID authentication uses the session, so be sure that you haven’t turned that off. It also relies on tmp/openids being present in RAILS_ROOT. The install.rb should install that automatically as you get the plugin, but if not, be sure to do that yourself.

This particular plugin also relies on the fact that the authentication action allows for both POST and GET operations. If you’re using RESTful authentication, you’ll need to explicitly allow for this in your routes.rb.

Example

This example is just to meant to demonstrate how you could use OpenID authentication. You’ll might well want to add salted hash logins instead of plain text passwords and other requirements on top of this. Treat it as a starting point, not a destination.

config/routes.rb

map.open_id_complete 'session', :controller => "session", :action => "create", :requirements => { :method => :get }
map.resource :session

app/controllers/session_controller.rb class SessionController < ApplicationController def create if open_id?(params[:name]) open_id_authentication(params[:name]) else password_authentication(params[:name], params[:password]) end end

protected
    def password_authentication(name, password)
      if @current_user = @account.users.find_by_name_and_password(params[:name], params[:password])
        successful_login
      else
        failed_login "Sorry, that username/password doesn't work" 
      end
    end
end
def open_id_authentication(identity_url)
    authenticate_with_open_id(identity_url) do |status, identity_url|
      case status
      when :missing
        failed_login "Sorry, the OpenID server couldn't be found" 
      when :canceled
        failed_login "OpenID verification was canceled" 
      when :failed
        failed_login "Sorry, the OpenID verification failed" 
      when :successful
        if @current_user = @account.users.find_by_identity_url(identity_url)
          successful_login
        else
          failed_login "Sorry, no user by that identity URL exists" 
        end
      end
    end
  end
private
  def successful_login
    session[:user_id] = @current_user.id
    redirect_to(root_url)
  end
def failed_login(message)
  flash[:error] = message
  redirect_to(new_session_url)
end
  1. Set #root_url if your root url has a different named route. #
  2. map.home ’’, :controller => ..., :action => ... #
  3. Otherwise, name the route ‘root’ and leave this method out. def root_url home_url end

Simple Registration OpenID Extension

Some OpenID Providers support this lightweight profile exchange protocol. See more: http://www.openidenabled.com/openid/simple-registration-extension

You can support it in your app by changing #open_id_authentication

def open_id_authentication(identity_url)
  # Pass optional :required and :optional keys to specify what sreg fields you want.
  # Be sure to yield registration, a third argument in the #authenticate_with_open_id block.
  authenticate_with_open_id(identity_url, :required => [:nickname, :email], :optional => :fullname) do |status, identity_url, registration|
    case status
    when :missing
      failed_login "Sorry, the OpenID server couldn't be found" 
    when :canceled
      failed_login "OpenID verification was canceled" 
    when :failed
      failed_login "Sorry, the OpenID verification failed" 
    when :successful
      if @current_user = @account.users.find_by_identity_url(identity_url)
        # registration is a hash containing the valid sreg keys given above
        # use this to map them to fields of your user model
        {'login=' => 'nickname', 'email=' => 'email', 'display_name=' => 'fullname'}.each do |attr, reg|
          current_user.send(attr, registration[reg]) unless registration[reg].blank?
        end
        unless current_user.save
          flash[:error] = "Error saving the fields from your OpenID profile: #{current_user.errors.full_messages.to_sentence}" 
        end
        successful_login
      else
        failed_login "Sorry, no user by that identity URL exists" 
      end
    end
  end
end

Copyright© 2007 David Heinemeier Hansson, released under the MIT license

NOTE: This description has been extracted from the Plugin README and so the formatting may need updating to make browser friendly

Edit Edit | Report Report

Users


See all 52 member details


Membership

+ Join this railsplugin

Record Maintainer

'None'