
rails-authentication-with-devise-and-cancan

07/03/2011

Today I was working on configuring CanCan with Devise in my Rails application, with reference to http://www.tonyamoyal.com/2010/07/28/rails-authentication-with-devise-and-cancan-customizing-devise-controllers/

Here is my work.

First, configure your Rails application with Devise: http://gowithfoss.wordpress.com/2011/02/02/rails-with-devise/

Then start with CanCan.

Step 1: Install cancan via gem

$ gem install cancan

Step 2: Include the cancan gem reference in the Gemfile

$ gedit Gemfile

gem 'mysql2'
gem 'devise'
gem 'cancan'

Step 3: Run bundler

$ bundle install

Step 4: Next, include the Devise modules. Devise has 11 modules:

  1. Database Authenticatable: encrypts and stores a password in the database to validate the authenticity of a user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
  2. Token Authenticatable: signs in a user based on an authentication token (also known as “single access token”). The token can be given both through query string or HTTP Basic Authentication.
  3. Oauthable: adds OAuth2 support
  4. Confirmable: sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
  5. Recoverable: resets the user password and sends reset instructions.
  6. Registerable: handles signing up users through a registration process, also allowing them to edit and destroy their account.
  7. Rememberable: manages generating and clearing a token for remembering the user from a saved cookie.
  8. Trackable: tracks sign in count, timestamps and IP address.
  9. Timeoutable: expires sessions that have no activity in a specified period of time.
  10. Validatable: provides validations of email and password. It’s optional and can be customized, so you’re able to define your own validations.
  11. Lockable: locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.

I use some of these modules. They are included in the User model as:

class User < ActiveRecord::Base
 # Include default devise modules. Others available are:
 # :token_authenticatable, :confirmable, :lockable and :timeoutable
 devise :database_authenticatable,  :recoverable, :rememberable, :trackable, :validatable

 # Setup accessible (or protected) attributes for your model
 attr_accessible :email, :password, :password_confirmation, :remember_me
end

Then set your user migration file as:

class DeviseCreateUsers < ActiveRecord::Migration
  def self.up
    create_table(:users) do |t|
      t.database_authenticatable :null => false
      t.recoverable
      t.rememberable
      t.trackable
      t.timestamps
      # t.confirmable
      # t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both
      # t.token_authenticatable
    end
    add_index :users, :email,                :unique => true
    add_index :users, :reset_password_token, :unique => true
    # add_index :users, :confirmation_token,   :unique => true
    # add_index :users, :unlock_token,         :unique => true
  end

  def self.down
    drop_table :users
  end
end

Then check that routes.rb contains:

devise_for :users

Then set the application controller as:

class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :authenticate_user!, :except => [:some_action_without_auth]

  # Access Current User
  def index
    @things = current_user.things
  end
end

Step 4: Next, generate roles to assign user permissions
$ rails g model Role name:string
Then set the data in the create roles migration file:
$ gedit db/migrate/…..create_roles.rb

class CreateRoles < ActiveRecord::Migration
  def self.up
    create_table :roles do |t|
      t.string :name

      t.timestamps
    end
  end

  def self.down
    drop_table :roles
  end
end

class UsersHaveAndBelongToManyRoles < ActiveRecord::Migration
  def self.up
    create_table :roles_users, :id => false do |t|
      t.references :role, :user
    end
  end

  def self.down
    drop_table :roles_users
  end
end

Step 5: Then create the RoleUser migration to store the assigned permissions
$ rails g migration RoleUser
Step 6: Edit the role_user migration file to set the references
$ gedit db/migrate/….._role_user.rb
Set the data as:

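class RoleUser < ActiveRecord::Migration
  def self.up
    # Join table for the many-to-many relation; it has no primary key of its own
    create_table :roles_users, :id => false do |t|
      t.column :role_id, :integer, :null => false
      t.column :user_id, :integer, :null => false
    end
  end

  def self.down
    # Make the migration reversible
    drop_table :roles_users
  end
end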

Then set the many-to-many relationship on both users and roles:
$ gedit app/models/role.rb

has_and_belongs_to_many :users

$ gedit app/models/user.rb

has_and_belongs_to_many :roles

Step 7: Then run the migrations to create the tables for the models

$ rake db:migrate

Then start the Rails server and visit your application in the browser. Now you cannot enter your application without authentication.

Now I am missing the sign_up link.

Now when I enter localhost:3000/users/sign_up, it shows an error.

User sign in and sign out are working properly, but sign up is not working.
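The roles and roles_users tables from Steps 4 to 7 only record who holds which role; the permission decision is made in an ability check. The following is an added example, not code from the original post and not CanCan itself: plain-Ruby stand-ins for User, Role and the join table with a deny-by-default check. The role names, the RULES table and the assign_role helper are assumptions made for illustration.

```ruby
# Added example: plain-Ruby stand-ins, not CanCan or ActiveRecord.
# Role names ('admin', 'editor', 'viewer') and RULES are assumptions.
require 'set'

Role = Struct.new(:name)

# What each role may do; a role name missing from this table grants nothing.
RULES = {
  'admin'  => [[:manage, :all]],
  'editor' => [[:read, :thing], [:update, :thing]],
  'viewer' => [[:read, :thing]]
}.freeze

class User
  attr_reader :email, :roles

  def initialize(email = nil)
    @email = email
    @roles = [] # stands in for has_and_belongs_to_many :roles
  end

  # In the real app this is one (role_id, user_id) row in roles_users.
  def assign_role(role)
    @roles << role unless role?(role.name)
    self
  end

  def role?(name)
    @roles.any? { |r| r.name == name.to_s }
  end
end

class Ability
  def initialize(user)
    user ||= User.new # not signed in: no roles, so no rules
    @rules = Set.new
    user.roles.each { |role| @rules.merge(RULES.fetch(role.name, [])) }
  end

  # Deny by default: true only for an explicitly granted rule.
  def can?(action, subject)
    @rules.include?([:manage, :all]) || @rules.include?([action, subject])
  end
end
```

With the cancan gem, the same decisions belong in a class that includes CanCan::Ability, and a role is assigned through the has_and_belongs_to_many association (user.roles << role), which writes the roles_users row.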


3 Comments
  1. sravanthi

    Could you please send me the screens, and also where I can assign the role for a particular login user.

  2. ukreddy

    Where I can assign the role for a particular login user

    Send me in detail, please
