5

I have been programming with both Sinatra and Padrino for quite some time now. However, I am still not able to find the right authentication and authorization solution for Padrino. Let me explain my expectation and what I have already tried out.

With Sinatra, I successfully use the sinatra-authentication gem along with the role_model gem. I generally use the Mongoid ORM for talking to MongoDB. These two gems together let me take care of authetication, protecting routes, checking for roles of the logged in user for applying access control.

sinatra-authentication doesn't work with Padrino - it is very specific to Sinatra. I tried it out multiple times. I have already tried out both omniauth and warden with the corresponding Padrino modules but for one reason or another I am not able to get them to work as simply as the wonderful sinatra-autentication gem.

So - before I can attempt implementing a solution of my own (or porting sinatra-authentication to Padrino) - can anyone suggest any other authentication and authorization solutions? At the moment I don't need anythign fancy - simple database-based authentication will just work perfectly.

Abhas Abhinav
  • 51
  • 1
  • 3

4 Answers4

3

I know that the question is two years old. But I recently still had the same trouble that padrino-warden ist badly documented and I faced a lot of problems. So I documented my findings on workaround.org. May it help the less fortunate.

I consider padrino-admin a nice scaffold to learn from. But the user model is rather inflexible. And the authorization concept is strangely doing what the authors of Padrino don't like: putting configuration paths in a central place instead of moving configuration into the controllers. (The padrino-admin has further problems like missing pagination and missing support for foreign keys. So it's not remotely comparable to what Django provides.)

Christoph Haas
  • 83
  • 2
  • 7
1

Ryan Bates has a great Rails screencast on how to do this (not free: http://railscasts.com/episodes/250-authentication-from-scratch-revised).

It shouldn't be too hard to adapt the Rails Magic away and do the same thing for Sinatra or Padrino.

Now, this might not be a good fit if you need tons of features like forgotten passwords, etc. But once again, those shouldn't be too hard to adapt.

cbmeeks
  • 11,248
  • 22
  • 85
  • 136
1

A standalone authentication solution for Padrino has been discussed, but has not been resolved yet. In the mean time, one popular suggestion is to use padrino-warden.

Disclaimer: I'm in a similar situation as OP and have no experience in running personal-warden in production, yet.

pithyless
  • 1,659
  • 2
  • 16
  • 31
  • Yup, to shed some light on this - this has been scheduled for v1.0. We may end up implementing an API to plug your own solution (along with recommendations/suggestions) and separate concerns between authorisation and authentication. Keep tuned on the issue highlighted by @pithyless. – Darío Javier Cravero Jan 06 '13 at 02:32
0

I suggest to use the builtin authentication solution, just take a look on padrino-admin, you can use Padrino::Authentication without admin inside any app you need.

It's pretty simple, role/path based.

http://www.padrinorb.com/api/Padrino/Admin/AccessControl/Base.html#allowed%3F-instance_method

DAddYE
  • 1,719
  • 11
  • 16
  • 3
    Using padrino-admin forces you to work with the account model generated by admin (or workaround it); which may not be optimal for the OP. More importantly, there are open security issues (https://github.com/padrino/padrino-framework/issues/384) anyone who deploys padrino-admin in production should be aware of. – pithyless Oct 28 '11 at 14:30
  • 2
    That security is issue was closed 2 years ago, fyi future viewers – Jonah Nov 21 '13 at 07:15