

Authlogic : Simple & smart Rails authentication - Corrado
http://wiki.github.com/binarylogic/authlogic

======
trevorturk
I played with Authlogic, but I ended up switching back to
restful_authentication. I know using generators is a bit more "dirty" but I
just couldn't get behind Authlogic. It seemed too mysterious to trust for such
a core piece of a web application. Especially considering a minimal amount of
good old Ruby code will suffice, as opposed to learning your way around this
new tool and DSL.

What really made me decide to drop Authlogic was when I realized it was
silently adding validations to my model. I had to dig into the source to find
the documentation about that, which really turned me off.

I'm glad people are finding it useful, and I think it's a worthwhile project.
I just found that it wasn't my cup of tea. So, I'd encourage people to take
some extra time to play with it in a branch before really committing to it.
You might consider using the options to make it act like
restful_authentication in case you decide to make a change later.

------
mtarnovan
We switched to authlogic for our newest project. We even have a Rails project
template that generates everything needed for authlogic (including mailer). If
you're interested, check out the template here:
[https://svn.cubus.ro/svn/trunk/cubus-
utils/rails/templates/c...](https://svn.cubus.ro/svn/trunk/cubus-
utils/rails/templates/cubus.rb) . Feedback is welcome.

~~~
ryanmahoski
Does your link require a password?

~~~
mtarnovan
No. (But it's read only)

------
theBobMcCormick
This looks really interesting. I've been building a Rails app with Restful
Authentication, and while it's a lot better than writing everything myself,
it's pretty kludgy in a lot of ways, the most obvious of which is that the
whole thing is a big generator. Which means that, as near as I can tell, once
you've written your application with Restful Authentication, there's no easy
way to upgrade your application to later versions of Restful Authentication.

~~~
trevorturk
restful_auth is actually a bit of a hybrid. So, there are some shared
libraries that do a lot of the heavy lifting, and then a bunch (too much?)
generated code that gets put into your project directly.

Lately, I've found myself pulling the restful_auth plugin out of my app and
seeing what breaks. Then, I'll grab the stuff that's necessary and put it into
my lib directory. This helped me figure out exactly what was going on and why.
Finally, I trimmed out the stuff that I didn't want. I feel better about
knowing what's going on that way, because it is a bit confusing.

I'd certainly say neither solution is perfect, but I still prefer restful_auth
approach because it seems more... I don't know... straightforward? Still, the
situation could stand for further improvement :)

------
mrduncan
Here are some really helpful tutorials from the author:
<http://www.binarylogic.com/authlogic>

