Does anyone know how to integrate Active Admin with Authlogic (I'm using authlogic_ldap_authenticatable gem to authenticate to AD)? I know Active Admin uses Devise, so what changes should I make to Active Admin for it to work with Authlogic? Thanks in advance.
Note: I used Rails 3.2.8 and Active Admin 0.5.0 when I did this.
Here's one way to do it:
First, update Gemfile by adding gem activeadmin, and run the rails generate active_admin:install. These are as instructed in the Active Admin README.
Typically there's already a User model that uses Authlogic, and if you plan to use that, remove all files for the new Admin User that Active Admin has generated by default:
db/migrate/*_create_admin_users.rb (migration file)
app/models/admin_user.rb
spec/models/admin_user_spec.rb
Remove Devise-specific files:
config/locales/devise.en.yml
config/initializers/devise.rb
Remove the Devise reference in config/routes.rb.
There's a generated file app/admin/admin_user.rb. You can reuse it by renaming the file to user.rb, register User in it instead of AdminUser, and remove indices on columns specific to Devise. Or, you can just delete the file altogether, and just create your own from scratch.
Update the following in your Active Admin config (see config/initializers/active_admin.rb):
config.authentication_method
config.current_user_method
config.logout_link_path
The default config.authentication_method is :authenticate_admin_user. Set it to whatever before filter method you use for requiring an admin user, e.g. :require_admin. The default config.current_user_method is :current_admin_user. A typical Rails app that uses Authlogic might have a :current_user method for this. And config.logout_link_path should be set to your path for logging out, e.g. :logout_path.
You may need to modify these instructions according to your case.
Related
This gem ("devise_token_auth") is used for token authentication for applications using JSON APIs for front-end development.
Can we use this gem for server side rendering? If yes, then how to add the token from a previous response to the current request?
I don't know if this is still a pressing matter for you, but I'd like to throw in some advice.
For your API you can throw in devise_token_auth and it will do what everything you need for authentication there.
And if you need authentication with server-side rendering of pages (such as login forms, reset password forms, etc.) just throw in regular devise too. It will work with your exact same User model and table, and there will be little friction to get things up and running with the same resources you use with devise_token_auth.
Gemfile
#autentication and authorization
gem 'devise', '~> 3.5', '>= 3.5.6'
gem 'devise_token_auth', '0.1.37'
Then run
bundle
Run the installer for devise:
rails generate devise:install
Then generate your user model:
rails generate devise User
Install devise_token_auth now:
rails g devise_token_auth:install User "auth"
And make sure your database is migrated:
rake db:migrate
I think devise_token_auth may overwrite your user model, I'm not certain, but if it does, keep the migrations for devise_token_auth only and ignore the migrations for Devise.
Then make sure your routes.rb matches this:
Rails.application.routes.draw do
devise_for :users
root "home#index"
namespace :api, defaults: { format: :json } do
namespace :v1 do #I namespace my routes
mount_devise_token_auth_for "User", at: "auth"
end
end
end
devise_for must come before mount_devise_token_auth.
Then just refer to the official devise and devise token auth documentation to get both solutions working for you.
Hope this helps anyone who reaches this point and has a need to authenticate users on mobile app and on browser web app.
I am using cancan gem with rails3. Here I have same log in form for all roles. I have a admin section. Normal authentication check user log in or not but not check his role admin or not.
So normal user can see admin pages using admin url (myapp/com/admin/users), how to authenticate ?
Thanks
Prasad
As far as I know CanCan is not for authentication but for authorization
Use something like Devise gem for authentication. And CanCan's ability class to enforce authorization.
You can also manually check if a user is permitted to perform an action using a before_filter hook.
I am using active admin and devise in rails 4. When i am logging out to the active admin user it will automatically logging out to the devise user also.
Any help would be appreciated....
Thanks
You could set a custom logout path in your active_admin.rb file. Look for the line with config.logout_link_path
I got an API that I have developed using Rails 3 and Devise. I am using tokens (token_authenticatable) for authentication for requests made to the API from a client. I want to be able to switch between users in the requests just be replacing the token.
I heard about a setting called :stateless_token (boolean) but I cannot figure out where to put this setting. Is there another way?
If found the token_authenticatable here:
https://github.com/plataformatec/devise/blob/master/lib/devise/strategies/token_authenticatable.rb
If found info about the stateless_token here:
http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable
stateless_token is deprecated as of now. This is the new form (it allows more auth strategies to be stateless):
# config/initializers/devise.rb
config.skip_session_storage = [:token_auth]
You can also edit the file /config/initializers/devise.rb and put (or uncomment, if already there) the following line:
config.stateless_token = true
It should be an option in your devise_for line in the routes file.
devise_for :users, :stateless_token => true
Let me know if that works,
In this page of documentation for devise it says that "TokenAuthenticatable adds the following options to devise_for:" with stateless token being one of them.
Also here is a link to the devise_for documentation
My rails 3.0.3 app uses devise gem (1.1.5) for authentication and before I wasn't using the :registerable module. I have since added that to enable users to sign up. I then implemented my own registration controller which extends Devise::RegistrationsController. Now when I visit the url /users/sign_up. I get "Missing template error" because rails doesn't find the registration views under app/views. I had generated the devise views using rails generate devise_views which means that my registration views are under app/views/devise/. When I copy the views to app/views/ folder it works. This doesn't seem very DRY. Is there a way of telling rails to use the views in app/views/devise?
thanks,
Kibet.
The easiest way is to add a line in \config\application.rb
config.paths['app/views'] << "app/views/devise"