Skip to content
Snippets Groups Projects
README.md 1.22 KiB
Newer Older
elijah's avatar
elijah committed
# AuthenticatedApp

This is a mountable Rails Engine that provides basic authentication and session management.

elijah's avatar
elijah committed
## WARNING

* The password reset mechanism can be used to determine the recovery emails of users,
  particularly if email only option is set. There should be a rate limit or puzzle.
  (although, reset by email does not work with the 'email' column of a user, only
  the recovery_email column)

elijah's avatar
elijah committed
## TODO
elijah's avatar
elijah committed

* Better define requirements
elijah's avatar
elijah committed
* Add option to re-enable a user when the user successfully logs in.
* Add options for flash, etc.

## Requirements

* `haml` gem
* `User` class
* Bootstrap 5
elijah's avatar
elijah committed

## Installation

Add this line to your application's Gemfile:

```ruby
gem 'authenticated_app'
```

elijah's avatar
elijah committed
## Configuration
elijah's avatar
elijah committed

elijah's avatar
elijah committed
`config/initializers/authenticated_app.rb`

```ruby
AuthenticatedApp.configure do |config|
  config.home_url = :home_url  # home for authenticated users
  config.root_url = :root_url  # home for unauthenticated users
  config.email_only = false    # if true, use email for login.
  config.default_domain = 'example.org'
end
elijah's avatar
elijah committed
```

## Integration

```ruby
class ApplicationController < ActionController::Base
elijah's avatar
elijah committed
  include AuthenticatedAppConcern
elijah's avatar
elijah committed
end
```

In `routes.rb`:

```ruby
mount AuthenticatedApp::Engine => "/auth"
```