AuthLogic was the first authentication gem I chose for Rails 3.1. It works, but I have issues with the documentation - its not clear, and there just aren't enough configuration examples to figure out how to set it up.
Its ironic, because the documentation says...
A code example can replace a thousand words...
But one of the examples they provide is:
class User < ActiveRecord::Base acts_as_authentic do |c| c.my_config_option = my_value end # the configuration block is optional end
Ugh! Seriously. Why not use a real configuration option??
From what I've gathered, there are two places that options are set:
For User, configuration options are set in a block, like so:
1 class User < ActiveRecord::Base 2 acts_as_authentic do |c| 3 c.logged_in_timeout = 1.day 4 end
and for UserSession, they are set with class methods, like so:
1 class UserSession < Authlogic::Session::Base 2 self.logout_on_timeout = true 3 self.last_request_at_threshold = 10.minutes 4 end
I hope you find this useful, I sure could have used a page like this tonight!
NOTE: I've since switched to Devise, but not for my complaints mentioned above. I really like the fact that Devise can hook right into Rack.