Installation
Add this line to your application's Gemfile:
gem 'lra_client'
And then execute the following to setup:
$ bundle install
$ bundle exec rake lra_client:install:migrations
$ bundle exec rake db:migrate
To configure the client, add a new initializer to your project with the following:
LraClient.app_id = [your app ID]
LraClient.key = '[your app key]'
LraClient.domain_namespace = 'https://my.website.com/[mountpoint]'
LraClient.login_completion_url = '[where to redirect after login attempt]'
Finally, mount the engine into your config/routes.rb
file:
mount LraClient::Engine, at: '[mountpoint]'
(A good example mountpoint for the above might be simply /lra
)
Usage
Assuming you have mounted the engine at /lra
, direct your users to /lra/login
in order to
start the login process. After a login attempt, your user will be redirected back to the endpoint
you have specified by LraClient.login_completion_url
. If the login was successful, a record
in the lra_client_users
table will have been created with some basic details. In addition,
two session variables will have been set to identify the user:
session[:current_user_id] # the ID of a LraClient::User
session[:current_user_type] # always set to the string "LraClient::User"
At any point, you can validate that the current user has a valid LRA session by calling
LraClient.validate_session(session)
. The LraClient::User
object will be returned if
the session is valid, and nil
otherwise. This can be used to restrict access to pages
by doing something similar to:
before_filter :validate_session
def validate_session
@current_user = LraClient.validate_session(session)
return true if @current_user.present?
redirect_to '/lra/login'
false
end