How do I login a user without a password?

[desbest]

How can I make a user login without giving the user_login method, a password?

I'm using Login with Facebook, and I'd like to login the user who matches up with the facebook profile id, but to do so, I cannot have their password, so I'd just like to log the person in with their username only.

[desbest]

It looks like Ramaze is hasing the already hashed password, and comparing that password to the existing hashed password. How do I stop that?

[Yorick Peterse]

Desbest,

Assuming you're using the User helper you'd have to modify your
"authenticate" method to work with Facebook logins. If this doesn't work
out you can probably write a small wrapper around the User helper and a
custom helper than handles Facebook authentication. On a basic level
this would look something like the following:

def authenticated?
if facebook_logged_in? or logged_in?
return true
else
return false
end
end

Also keep in mind that Ramaze itself performs no hashing of passwords
out of the box, at least not with the User helper. Most likely your own
code is not capable of dealing with different authentication methods
being processed by the same piece of code.

It would also help to post some code in future questions/replies. Merely
stating something doesn't work without showing any examples doesn't
exactly make it easier for others to help you.

Yorick

[tynamite]

Thanks to you I managed to fix this myself by using this code.

model/user.rb has to be modified so
if !user.nil? and user.password == password #user/pass login
      return user

changes to
if !user.nil? and user.password == password #user/pass login
      return user
elsif $fb_goforth === true #facebook login
      return user

And $fb_goforth comes from my controller/users.rb controller from a def fb_login action
This action has this line in it. (Other stuff goes in here too depending on your implementation.)
if @lookup then $fb_goforth = true; else $fb_goforth = false; end

Yorick

--
You received this message because you are subscribed to the Google Groups "Ramaze" group.
To post to this group, send email to ram...@googlegroups.com.
To unsubscribe from this group, send email to ramaze+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/ramaze?hl=en.

[desbest]

For anyone who is reading this thread in the future, I've made an edit for future reference so when you go back to it, you see the corrections made below.

 

   model/user.rb  

 

Change the 3rd block of code inside def self.authenticate(creds) that authenticates to

 

if !user.nil? and user.password == password && !flash[:fblogout] #user/pass login

  return user
elsif $fb_goforth === true #facebook login
  return user

else
  return false
end

 

   controller/users.rb     

def logout

  user_logout
  session.clear
  $fbprofile = nil
  flash[:fblogout] = 'yes'
  redirect(Main.r(:index))
end

 

   controller/users.rb (again!)   

 

This leaves a question, what is $fbprofile for, if it's obvious from reading above what flash[:fblogout] is for, and $fbprofile hasn't appeared anywhere yet.

You're supposed to use $fbprofile inside controllers/main.rb inside the before_all block/method, for whatever ruby gem you are using to authenticate your user with Login with Facebook.

$fbprofile is a hash that contains the information of the authenticated facebook user, with their name, age, and location.

 

This also leaves another question. When do I use $fb_goforth ?

 

$fb_goforth is used to say that someone has just successfully logged into their user account of your website, by authenticating with their Facebook account.

This is what tells the self.authenticate method that you are logged in, so it can fetch your account as the user object. Yes this interegates with Ramaze's User helper.

 

If you're using the Javascript SDK you should login users into their user account once they have authenticated with Facebook. The controller looks like this.

 

def fb_login

  # ... stuff here ...

  if @lookup then $fb_goforth = true; else $fb_goforth = false; end

  # ... stuff here ...

end

 

^^ Figure out that part of the code yourself. ;) ^^

[Michael Trommer]

I think you abuse the flash[] thingy in this case. Also you use a global variable, which is just not neccessary because you can use session[]. Never ever use global variables!

To view this discussion on the web visit https://groups.google.com/d/msg/ramaze/-/N2NaR7Uwy1QJ.

To post to this group, send email to ram...@googlegroups.com.

To unsubscribe from this group, send email to ramaze+un...@googlegroups.com.

For more options, visit this group at http://groups.google.com/group/ramaze?hl=en.

--
So far,
 -- Michael 'entropie' Trommer

Whenever people agree with me I always feel I must be wrong.
  -- Oscar Wilde