Rails RESTful Authentication Example Application

August 13, 2008

I’ve released an open source Rails application that provides an example of RESTful Authentication.

It provides a complete system for managing users, including sign up and verification of a new user’s email address, login with role-based access control, and a system of resetting forgotten passwords, all using a RESTful architecture.

You can easily customize the application for your own needs.

You can obtain the source code here:

It is based on recommendations from the forum discussion Restful Authentication With All the Bells and Whistles.

UPDATE: I’ve set up an account at Get Satisfaction for discussion and bug reports.

8 Comments | how to | Tagged: | Permalink
Posted by Daniel Kehoe

Merb Example Apps

May 13, 2008

I’ve looked at a number of open source Rails apps that can be used as a starting point for a project (see the post Survey of Rails Example Applications).

Since I’m considering starting a project using Merb instead of Rails, I wanted to review a collection of open source Merb apps. I didn’t have to look any further than the list of Open Source Merb Apps on the Merb wiki. The author even said, “Sometimes staring at code can be a good learning technique in addition to tutorials and documentation.”

Leave a Comment » | resources | Tagged: , | Permalink
Posted by Daniel Kehoe

Open Source Social Network Apps for Rails

April 18, 2008

I’ve been looking for a Rails example app that demonstrates “best practice” development techniques and provides basic features, to be used as a “skeleton” starting point for development of a new project.

I’m primarily interested in finding an app that is written for Rails 2.0, that implements a RESTful architecture, and uses RSpec for specifications/testing. Optimally, it should implement authentication (using restful_authentication) and authorization, provide an interface for users to manage their accounts (or profiles), and provide a rudimentary administrative interface for adding or deleting users. I’ve looked at a number of open source apps (see the post Survey of Rails Example Applications).

There are three open source social network apps for Rails that come close to fulfilling my requirements. I’ll compare them here.

LovdbyLess is a social network platform from the development firm Less Everything. It is hosted on GitHub at stevenbristol/lovd-by-less. It is RESTful and uses Rails 2.0 but not RSpec or restful_authentication.

RailsCoders is the example app from the book Practical Rails Social Networking Sites, published by Apress. It’s a full-featured app and it is RESTful. The author chose to implement his own authentication (using RESTful principles) rather than using the restful_authentication plugin. The app was written for Rails 1.2.3, not Rails 2.0, but an upgrade is relatively easy. It has Test::Unit tests but not RSpec specifications/tests. As of April 11, 2008, it is hosted on GitHub at abradburne/railscoders, where the author has begun work on a new version of the app.

The authors Michael Hartl and Aurelius Prochazka built a social network app named RailsSpace for a book of the same name. RailsSpace doesn’t meet my minimal requirements (not Rails 2.0, not RESTful, no RSpec) but Michael Hartl is taking the lead in developing a new social network app named Insoshi, which improves on RailsSpace. It is hosted on GitHub and development has been funded by Y Combinator, a venture capital incubator. Insoshi is a Rails 2.0 app, full-featured and RESTful, uses restful_authentication and RSpec, and thus meets my requirements.

Leave a Comment » | decisions | Tagged: | Permalink
Posted by Daniel Kehoe

Rails Tutorial Showing RESTful Authentication

February 22, 2008

This tutorial, Restful Authentication with all the bells and whistles, uses Rails 2.0.2 and accommodates user account activation, changing passwords, forgotten passwords, enabling/disabling users, roles and OpenID.

It has advantages over the Caboose Sample rails application because it is accompanied by extensive community discussion, which serves as documentation. It is also more full-featured and up-to-date.

It’s missing any testing (no Test::Unit or rspec). Otherwise, it could be a good starting point for a Rails example app.

1 Comment | resources | Tagged: | Permalink
Posted by Daniel Kehoe

How to Tell if a Rails Example is Up-to-Date

February 19, 2008

Do you check the “sell-by” date on a carton of milk before you buy it? Unfortunately, there is no date on a Rails app to indicate if it has been written with recent best practices in mind. So check for a sour smell. Here are some indicators I look for.

First, is it RESTful? More than anything else, a RESTful architecture makes an app easier to understand, customize, and maintain. To determine if the developer used a RESTful architecture, look at the code for the controllers. If there are any methods other than index, show, new, create, edit, update, and destroy the developer has strayed from RESTful purity.

Second, has the app been written or updated for use with Rails 2.0? If you’re beginning a project, you’ll want to start with Rails 2.0. Some things are done a little differently in Rails 2.0. If you’re using an example app as a guide, make sure it’s a good example of how to do things with Rails 2.0.

To determine if the developer wrote for Rails 2.0:

In the config/environment.rb file, look for
RAILS_GEM_VERSION = '2.0.2'

Look for the folder config/initializers. Before Rails 2.0, the config/environment.rb file was cluttered with bits of initialization code. With Rails 2.0, we are encouraged to move initialization code to separate files in the config/initializers folder.

Take a look at the files in the Views folder. With Rails 2.0, the recommended practice is to use the file extension .html.rb. You don’t have to do that, but it is now recommended.

Finally, here is a script that will check a rails app to determine if it is compatible with Rails 2.0:

http://pastie.caboo.se/99900.txt?key=krcevozww61drdeza13e3a

Leave a Comment » | tips | Tagged: | Permalink
Posted by Daniel Kehoe

Survey of Rails Example Applications

February 18, 2008

I’m a firm believer that, as software developers, we always are standing on the toes of those who have gone before us.

So, in that spirit, I’m looking around for Rails example apps that I can use as a starting point for my own.

Many Rails books introduce Rails development through the process of building an example application. The best-documented Rails example apps are the ones in the books. I’ve looked through the books I have at hand. Most of the apps in the books are overly simple (for example, no authentication) or dated (no RESTful architecture).

I looked closely at RailsSpace. The authors Michael Hartl and Aurelius Prochazka fully document the steps to building a typical social networking web site. It is a full-featured app that is more complete than most tutorial applications. Unfortunately, the book was written before RESTful architectures became de rigueur. Only one part of the app is RESTful. Otherwise it might be suitable. UPDATE: Michael Hartl, one of the authors of RailsSpace, is leading development of an open source social network app, named Insoshi, which improves on RailsSpace.

I also looked at RailsCoders, the example app from the book Practical Rails Social Networking Sites, published by Apress. It’s a full-featured app and it is RESTful. The author chose to implement his own authentication (using RESTful principles); I would prefer to use the restful_authentication plugin. The app was written for Rails 1.2.3, not Rails 2.0, but an upgrade is relatively easy. UPDATE: I’ve posted about installing, simplifying, and upgrading the RailsCoders app.

How about open source projects? I looked at a few.

I’ve used the Caboose Sample rails application on other projects, so that’s a potential starting point. The downside? It’s complex and not well documented. (The authors warn, “much of the code is targeted at an intermediate/advanced level”.)

A promising beginning point appears to be the Altered Beast forums application, a newer version of Beast. It’s RESTful. It uses Rails 2.0, rspec, and restful_authentication (with the acts_as_state_machine option). I also liked LovdbyLess, a free open source social network platform. It uses Rails 2.0 but not rspec or restful_authentication.

I posted here to ask for more recommendations.

UPDATE: I found an interesting example app named Jumpstart from the people at Relevance Inc. There’s also kickstart-rails from Mislav Marohnić. And I found RailsStarterApp from David Andrew Thompson and Six Hour Startup.

UPDATE: There’s a new site (announced here) that provides a gallery of open source rails applications. Great idea! And a good place to look for apps that can be studied, adapted, or improved.

UPDATE: I’ve released my own Rails RESTful Authentication Example Application.

3 Comments | decisions | Tagged: | Permalink
Posted by Daniel Kehoe

Looking for a Rails Example App

February 17, 2008

I’m about to start a new development project. For my beginning point, I’d like to use a well-thought-out “best practice” open source Rails web application.

I’m not aware of any open source Rails app that completely matches my requirements. I’m looking for an app that was developed in Rails 2.0, implements a RESTful architecture, and uses RSpec for specifications/testing. And optimally, it would already have authentication and authorization worked out using the restful_authentication plugin.

I’m going to start searching and see what I find.

Leave a Comment » | announcements | Tagged: | Permalink
Posted by Daniel Kehoe