Gem plugin‎ > ‎

OpenID authentication

This set of operation has been done after installing resful_authentication plugin

Install gem
  gem install ruby-openid

Install plugin
  ruby script/plugin install open_id_authentication

Create the migration file
  if you want to create authentication table for use with OpenIdAuthentication
  ruby open_id_authentication:db:create
  otherwise if you want to upgrade authentication table for use with OpenIdAuthentication
  ruby open_id_authentication:db:upgrade

Then modify the migration files adding
  to self.up
  add_column :users, :identity_url, :string
  and to self.down
  remove_column :users, :identity_url

and run the migration command
  rake db:migrate

Add to routes.rb
  map.open_id_complete 'sessions', :controller => 'sessions', :action => 'create',
                                   :requirement => {:method => :get}

and to user.rb model a new attr_accessible
  :identity_url

Add to new.rhtml session view
  <label for="openid_url">OpenID URL</label>
  <%= text_field_tag "openid_url" %>

Edit the sessions_controller.rb controller as to accept authentication with OpenID
  in the create method add
  if using_open_id?
    open_id_authentication(params[:openid_url])
  else
    password_authentication(params[:login], params[:password])
  end

  and the new methods
  def open_id_authentication(openid_url)
    authenticate_with_open_id(openid_url, :required => [:nickname, :email]),
                                         do |result, identity_url, registration|
      if result.successful?
        @user = User.find_or_initialize_by_identity_url(identity_url)
        if @user.new_record?
          @user.login = registration[:nickname]
          @user.email = registration[:email]
          @user.save(false)
        end
        self.current_user = @user
        successful_login
      else
        failed_login result.message
      end
    end
  end
    
  def password_authentication(login, password)
    self.current_user = User.authenticate(params[:login], params[:password])
    if logged_in?
      successful_login
    else
      failed_login
    end
  end
  
  def failed_login(message = "Authentication failed")
    flash.now[:error] = message
    render :action => 'new'
  end
  
  def successful_login
    if params[:remember_me] == "1"
      current_user.remember_me unless current_user.remember_token?
      cookies[:auth_token] = { :value => self.current_user.remember_token,
                        :expires => self.current_user.remember_token_expires_at }
    end
    redirect_back_or_default('/')
    flash[:notice] = "Logged in successfully"
  end

It's done!

Note:
If you use OpenID with restful_authentication with email confirmation for signup i suggest doing following modification in order to avoid sending email if the registration is made through OpenID:
  in user.rb add at the beginning of make_activation_code method
  return if password.blank?
  in user_observer.rb add at after_create(user)
  unless user.active?  # Added to avoid activation_mail sending with OpenID registration
    UserMailer.deliver_signup_notification(user)
  end

Comments