views:

563

answers:

2

How would you go about allowing a user to log in with multiple openid accounts and optionally a password, using authlogic?

A: 

I don't know about a one line configuration to accomplish this, but find_by_login_method will get you the first part of using multiple openids. As for the optional password, you'll probably have to do some checking with verify_password_method to determine when that password is needed.

Robert Rouse
How would this work exactly? Does acts_as_authentic still go in the User model? Is the openid_identifier only used in the find_by_login method in Authlogic so it will work to have it in a separate table?
ryanb
Also what about validations? I believe Authlogic adds validations to the openid_identifier attribute, is there a good way to ignore them in User and apply them in the separate model?
ryanb
+1  A: 

Looks like if you set the find_by_openid_method, you can reference anything: http://authlogic-oid.rubyforge.org/

From the docs:

class User < ActiveRecord::Base
  def self.find_by_openid_identifier(identifier)
    user.first(:conditions => {:openid_identifiers => {:identifier => identifier}})
  end
end
stonean
Thanks. Do you know of some module to include in the OpenidIdentifier model so it carries over some of the functionality? Such as the validations and auto-correction of the openid url.
ryanb
Guessing here, but including AuthlogicOpenid::ActsAsAuthentic looks like a good candidate for that functionality.
stonean
The trouble with the finder, is that you may need to act upon data returned from the openid provider like ax or sreg fields, so you need to also hook in when that information comes back so you can populate a model. Also, you do not want to store your openid identifier in your user table.
Sam Saffron
@Sam, if you override map_openid_registration you can assign registration vars. Does that do what you want? See http://railscasts.com/episodes/170-openid-with-authlogic
ryanb
@Ryan, I think it probably would, but I am so far down the rabbit hole of writing my own (I have registration and login working with ax and sreg ... including googles weird url rewriting) will extract it to a lib and post it here when its fully tested.
Sam Saffron