Jun
17
Adding your own login method to Authlogic
So on a new project we are working on we have a need for a user to be able to login via either their “Login” or “Mobile” number. Now we are using the Authlogic gem which is a great gem and comes with all default methods for login etc and allows you to customise this very easily.
So firstly you need to add the following to your UserSession model. What this does is overwrite the default login method with the one we are defining below called “find_by_username_or_mobile”.
class UserSession < Authlogic::Session::Base find_by_login_method :find_by_username_or_mobile end
Then in your user model its as simply as creating the class method for login. Now of course the password is still apart of the login process but we only wanted to allow users to either login via their login or mobile so no need to change the password methods.
class User < ActiveRecord::Base
def self.find_by_username_or_mobile(login)
find_by_login(login) || find_by_mobile(login)
end
end
So give it a try and let us know how you go hope this helps
9 Responses
this saved my day!
username or email method done in 1 minute!
Glad to help. We have found a number of other cools things out as well along the way and will post them up soon.
This is very helpful! The only problem that I have is that in my case there isn’t one login field but two: A company id field and a username field.
How would I extend authlogic so that instead of using just one field it uses two?
You should be able to do something like
class UserSession < Authlogic::Session::Base
find_by_login_method :find_by_username_and_company_id
end
class User < ActiveRecord::Base
def self.find_by_username_and_company_id(login, company_id)
find_by_username_and_company_id(login, company_id)
end
end
Michael thanks for that. I did actually go down that route but the problem that I ran into is that authlogic passes only the login field to the find_by_login_method. So I wouldn’t get the company_id.
I am thinking that I may need to fork the code and add a company field by cloning the login field handling but obviously I would prefer not to do this!
Hi Brad,
Yeah the only way l think would be to fork it from what l can see quickly reviewing the gem. A shame really would have thought you could do that simply guess they are just trying to make is as secure as possible.
Good luck with it and let me know if l can help at all and how you go
Hey Michael, thanks a ton! It’s great to be able to discuss this with someone. I was worried that I was missing something really obvious! I did think of concatenating the two fields into one but that really is a bit of a nasty hack and will create problems further down the line.
I guess that authlogic assumes a slightly lower position in the systems’ tree than we need to peg it at. I.e. No authentication branches below it, whereas we are further up the tree with multiple branches below the authentication layer.
Just seen this solution posted by PhattyMatty at googlegroups:
http://groups.google.com/group/authlogic/browse_thread/thread/8c341f4d0af8045f
You’ll want to use validations_scope to do this. Look into this and
authenticates_many for details.
You may have something like this in your models:
class User < ActiveRecord::Base
acts_as_authentic do |c|
c.validations_scope = :company_id
end
[.....associations, etc ....]
end
class Company < ActiveRecord::Base
authenticates_many :user_sessions
[.....associations, etc ....]
end
This much should allow you to create the same user/email for different
companies.
Your sessions controller will have to be updated to reflect that you
are scoping the user to a company for the new, create, and destroy
actions. How you implement this in your app is up to you. Hope this
helps.
Cool thanks for finding that. That should fix the issue. Your right so much better working through the issue with another dev thanks.