I took a break from coding, but was still looking for a useful set of tools for developing web applications. And I think I found a solution that fits my needs (small core but extensible, modular, reasonable features, usable documentation or active user groups at least).
The goal was to create a backend that would output json objects that could be processed in an independent frontend.
First step was to generate a project following the guide
padrino g project -d datamapper -a mysql -e none
I set renderer (-e option) to none because I am using rabl for templating the json output.
For authentication I chose warden. So I added these to the Gemfile
Then turned to the app/app.rb and added
use Warden::Manager do |manager|
manager.failure_app = myApp
Warden::Manager.serialize_into_session do |user|
Warden::Manager.serialize_from_session do |id|
For creating the model I used the padrino generator again, since the user model is pretty straight forward (extend as needed)
padrino g model User username:string password:string email:string
After setting up config/database.rb you can create the database by using
padrino rake dm:create
To have some entries in the database to work with I costumize the db/seeds.rb which is mentioned in the padrino blog tutorial
Having done this warden should be in the system but is not working yet, since we have to define at least one strategy:
For now I like to use a common username/password login, which is already defined as default in manager.default_strategies. (You could add others if you wanted to, look at the warden-wiki for details)
... code goes here ...
... code goes here ...
? success!(user) : fail!("Invalid")
So in valid? you would define the requirements that have to be met to go on with the authentication process. In this case checking params[“username”] && params[“password”] would make sense.
After creating a usable authentication! function request to a controller can be authenticated via adding env[‘warden’].authenticate! before the login controller code.
If authentication was successful you can add env[‘warden’].authenticated? to following controllers and get the user (or what you decided to return for success) by calling env[‘warden’].user.
I tested this with curl, since the frontend is intended to be independent. I put the login process in a post route, so
after starting padrino
curl -d "username=...&password=..." localhost:3000/login
gave me the defined output of a successful login.
One pitfall when testing a subsequent controller with curl is that in contrast to a browser you have to add the cookie information. In order to get it you could call
curl -vvv -d "username=...&password=..." localhost:3000/login
and can extract the rack.session=… …; and call the controller with
curl --cookie "rack.session=... ...;" localhost:3000/subsequent_controller