what is the simplest user auth system possible?

[larry google groups]

I have a website written in PHP, using the Symfony framework, which is a monolithic framework much like what Ruby On Rails used to be. I have been slowly re-writing the website in Clojure, and as I do this I've been breaking up the system into several small apps, rather than one huge monolithic app. For my next step, I need to come up with a user system. My needs are minimal: I only need to know when someone is logged in, and I need to associate them with some user id (the id will simply be the id from a user table kept in MySql).

I am curious what is the absolutely easiest way to do this? I think Ring has functions for sessions, so I could perhaps compose this app with Ring, Jetty, Moustache and Korma? I have almost no experience with Ring, but is it able to handle the sessions? Is there any jar that offers a standard way of handling username and passwords in Clojure, or should I write that code myself?

[Stephen Compall]

On Oct 25, 2012 9:04 AM, "larry google groups" <lawrenc...@gmail.com> wrote:
> For my next step, I need to come up with a user system. My needs are minimal: I only need to know when someone is logged in, and I need to associate them with some user id (the id will simply be the id from a user table kept in MySql).
>
> I am curious what is the absolutely easiest way to do this?

The easiest auth system to write is the one that's already written.

https://github.com/cemerick/friend

--
Stephen Compall
If anyone in the MSA is online, you should watch this flythrough.

[Dave Sann]

For authorisation, I really like mozilla persona (previously browserid) which I discovered from refheap. javascript lib plus an http request from the server to validate. really simple.

https://login.persona.org/

Dave

[Dave Sann]

Sorry, I meant to say authentication.

[Anthony Grimes]

Another +1 for Persona. I'm the author of Refheap which uses Persona, and I chose it specifically because of how easy it was to implement and use.

On Friday, October 26, 2012 3:26:16 PM UTC-5, Pierre R wrote:

+1 for Persona. Please give your user a chance to break the cycle of password madness ;-)

[larry google groups]

What happens if the Persona project closes down?

[Simone Mosciatti]

I never really get Persona (means person in Italian that doesn't really make a lot of sense, but whatever) what if I share my pc with my brother ?

Maybe i miss something...

If you are using mongodb I am using https://github.com/xavi/noir-auth-app that is using congomongo and since i am using monger i port it in https://github.com/siscia/noir-auth-app ...

It manage maybe too much for your need, email authentication, resend email, change password and other fancy stuff, but the code is really clean and full of comments, really good code imo... 

If you have time you could port it to work with korma... it is not a lot of work at all...

[Balint Erdi]

If you share your pc with your brother then using the classic one username/password per site you'd have to log out and back in on each site you want to use (or use another browser/incognito window, etc.)

With Persona you only have to do this once.