Granted I am over a month late on this, but I had a backlog on my podcasts (I currently have almost 600 unlistened podcasts). In episode #32 of the Rails Envy podcast they gave a shout out to can_has_auth. I just thought it was pretty cool and wanted to thank them for the mention. I met Jason and Gregg at last years Lone Star Ruby Conf and they are both solid guys, even if they chose to play werewolf instead of going out to 6th street. Here’s the link to the show notes for the podcast. Rails Envy #32

I’ll be honest, I’m a Merbaholic. I think about Merb, I dream about Merb, I even bought a pug and named him Merb (points to you if you get that last joke). Well…part of that is true. I do, however, use it for all my new projects. As with any project a common need is user authentication, cause you gotta have users. There’s merbful_authentication a port of Rick Olson’s restful_authentication to merb, but that didn’t seem to fit with the philosophy behind Merb. It was very railsy with the generators in options. I decided there had to be a better way. Ben and I talked about came up with a baisc idea of how it should work, but never did anything with it. Then I read Aaron Wheeler’s post about distributed mvc and decided to get off my ass and do it. The end result is two gems can_has_auth, which works with datamapper 0.3.x, and can_has_auth_core, which works with the latest trunk of dm-core.

So why distributed mvc instead of generators? First, you can’t really test generators. You can test the code they generate, but you can’t really test the templates, which makes it harder to debug. This approach has specs in the gem that test the code throughly. This isn’t meant to be the end all be all of user models and authentication, it just gives you a nice set of defaults to build on. It has default templats, which will be over written if you create a view of the same in the appropriate folder (e.g /views/user/new.html.*). If you want to extend any of the models or classes you can just re-open them by adding a file of the same name in you app directory. So in other words it works with your code rather than replacing it like restful_auth does. If you need to really customize the code create a gems directory in your app and run “gem install can_has_auth -i /path/to/gems/directory” and it will put all the code in you app. Oh and it use it in your app you only need one line of code. In init.rb add ‘dependency “can_has_auth”‘ and you’re good to go. It’s hard not to love that.

The gem also includes something neat I wrote that isn’t in restful_auth, restful password management. This allows users to reset their password if forgotten and then change it after entering a reset code. It also allows logged in users to change their current passwords. This is all tested by specs. Also the controller specs only test the controller logic. It bothered me that the controller specs were testing model logic (such as whether or not a user had a login). I have more plans for the plugin including configuration options for catpcha or email for authentication and whether to use an email or a login name to identify a user. For now check out the gems and give me feedback.

For you skimmers, here’s the gems can_has_auth and can_has_auth_core.