10

How would you go about allowing a user to log in with multiple openid accounts and optionally a password, using authlogic?

Sam Saffron
  • 128,308
  • 78
  • 326
  • 506
  • +1, I would like to see an example of this too. Ben (author of Authlogic) mentioned here it is one line of configuration but I don't know what line. See here: http://bit.ly/2Bu9D – ryanb Aug 18 '09 at 02:29
  • @ryanb, I doubt this is configurable, but really hope to be proven wrong, the whole implementation seems to rely on changes to the user table as opposed to having a has_many to an openid url table. – Sam Saffron Aug 18 '09 at 02:40

2 Answers2

1

Looks like if you set the find_by_openid_method, you can reference anything: http://authlogic-oid.rubyforge.org/

From the docs:

class User < ActiveRecord::Base
  def self.find_by_openid_identifier(identifier)
    user.first(:conditions => {:openid_identifiers => {:identifier => identifier}})
  end
end
stonean
  • 1,218
  • 1
  • 9
  • 7
  • Thanks. Do you know of some module to include in the OpenidIdentifier model so it carries over some of the functionality? Such as the validations and auto-correction of the openid url. – ryanb Aug 18 '09 at 23:53
  • Guessing here, but including AuthlogicOpenid::ActsAsAuthentic looks like a good candidate for that functionality. – stonean Aug 19 '09 at 00:08
  • The trouble with the finder, is that you may need to act upon data returned from the openid provider like ax or sreg fields, so you need to also hook in when that information comes back so you can populate a model. Also, you do not want to store your openid identifier in your user table. – Sam Saffron Aug 19 '09 at 00:17
  • @Sam, if you override map_openid_registration you can assign registration vars. Does that do what you want? See http://railscasts.com/episodes/170-openid-with-authlogic – ryanb Aug 19 '09 at 01:00
  • @Ryan, I think it probably would, but I am so far down the rabbit hole of writing my own (I have registration and login working with ax and sreg ... including googles weird url rewriting) will extract it to a lib and post it here when its fully tested. – Sam Saffron Aug 19 '09 at 01:27
0

I don't know about a one line configuration to accomplish this, but find_by_login_method will get you the first part of using multiple openids. As for the optional password, you'll probably have to do some checking with verify_password_method to determine when that password is needed.

Robert Rouse
  • 4,801
  • 1
  • 19
  • 19
  • How would this work exactly? Does acts_as_authentic still go in the User model? Is the openid_identifier only used in the find_by_login method in Authlogic so it will work to have it in a separate table? – ryanb Aug 18 '09 at 23:28
  • Also what about validations? I believe Authlogic adds validations to the openid_identifier attribute, is there a good way to ignore them in User and apply them in the separate model? – ryanb Aug 18 '09 at 23:45