DryAuth is a simple AAA solution for Rails applications. It's purpose, as it's name implies, is to provide a simple Do Not Repeat Yourself AAA solution for Rails applications.

DryAuth bundles commonly used gems into a single Rails Engine and provides additional features out of the box:

• A JSON authentication API
• A GUI for CRUD on User and Roles tables for admin roles
• A User Preferences view for a single user to update their profile
• A menu system to access the above
• A view for history changes stored by PaperTrail (todo)
• Auth Profiles for 3rd party authentication credentials mapped to the User

To provide AAA, it depends on the following:

1. Authentication: Devise
2. Authorization: CanCan and Rolify
3. Accounting: PaperTrail

In your Gemfile:

gem "dry_auth"

DryAuth provides drop-in AAA by providing a User model. This model needs to be associated to the application's User model, e.g. Member, Author, etc.

1. Generate a user model, e.g FacebookUser, in the application with a reference to DryAuth::User:

   rails g model facebook_user dry_auth_user:references name
   rake dry_auth:install:migrations db:migrate

2. Update the User model association:

   class FacebookUser < ActiveRecord::Base
     belongs_to :user, class_name: "DryAuth::User"
   end

3. Create an association from an application model to DryAuth::User:

   In the application, create an initializer to add association and delegates to DryAuth::User:

   Rails.application.config.to_prepare do
   
     # 
     # Add an association to the User model to FacebookUser
     #
     DryAuth::User.class_eval do
       # todo conditions on this association? would be when provider.eql? 'facebook'
       has_one :facebook_user, class_name: 'CacheParty::FacebookUser', dependent: :destroy
     end
   
   
     # 
     # Create a new CacheParty::FacebookUser when a new AuthProfile is created and the provider name is 'facebook'
     # NOTE: The method below has knowledge of the inner workings of DryAuth User and AuthUser classes
     #   Specifically, it assumes that the auth_profile will have a valid reference to a user (which is reasonable)
     #
     DryAuth::AuthProfile.class_eval do
   
       # After saving an AuthProfile, check for an existing record of FacebookUser and create one if it doesn't exist
       after_save :facebook_user_create, if: "self.provider.eql?('facebook') and self.user.facebook_user.nil?"
   
       #
       # Create a FacebookUser setting the username to the uid returned from facebook
       #
       def facebook_user_create
         Rails.logger.debug "Creating CacheParty::FacebookUser for DryAuth::User from #{ __FILE__ }\n"
         self.user.create_facebook_user(facebook_id: self.uid)
       end
     end
   
   end

To add fields to DryAuth's User edit view

1. create a partial to render to edit fields:

   The file must live in: app/views/<engine>/users/_form.html.erb

   See: mcp_common/app/views/mcp_common/users/_form.html.erb

1. Strong Parameters on DryAuth::UserController

test

See: https://github.com/EppO/rolify/wiki/Tutorial

See: https://github.com/EppO/rolify/wiki/Tutorial