views:

77

answers:

2

Im trying to allow users to login to a website by verifying if they are registered users of a sister website. Im not really sure what is the best way to implement this. The website which is referred to uses authlogic authentication, so would it be wise to have a REST method that the new website calls to obtain a session token of some sort.

Thanks in advance.

+1  A: 

Do you want to check credentials only or sync sessions too? --i.e., if I'm logged in website A, I'm also logged in website B. If it's the second case, you need some sort of single-sign-on solution. CAS seems to be a protocol with solid Ruby implentations (see Ruby CAS Server and Ruby CAS client. Keep in mind that you'd have to rewrite both apps if you decide to go this way.

pantulis
The problem is rewriting the first app is not really an option at the moment. What I need is something that allows me to log into the new site using the user credentials stored in the old application db. Though it would be awesome if I could sync the sessions but at the moment I dont mind managing the sessions independently.
Sid
A: 

If the database is setup to accept external connections, you can access the user info directly that way.

Elizabeth Buckwalter