On Thu, 17 Aug 2006 11:45:21 +0100, James Adam wrote: > It's worth noting that the login and user engines tackle different > issues. The login engine provides the login/password authentication, > whereas the user engine (in its current form), only provides an RBAC > layer on top of that.
Right - but LoginEngine still tries to provide some sort of authorization in the form of AuthenticatedSystem. I intend to rip most (all?) of that out and leave it up to the authorization layer. > > But anyway... the login engine is simply a port of the Salted Hash > Login Generator, and it suffers from many of the issues which that > generator had. Please do go ahead developing a streamlined version, > and if you feel it's suitable for other people to use, that's good too Sounds like it should be a separate engine - especially since UserEngine probably depends on the parts of LoginEngine that I'll be dismantling, and I don't intend to update UserEngine (I'm using Bill Katz's Authorization DSL instead). James, any tips on testing LoginEngine during development? Did you have a test-harness application you'd care to share, or did you just create a database.yml and run it as a first-class application during development? Seems like repeatedly having to install it into an app would slow down the development process. Jay _______________________________________________ engine-developers mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-developers-rails-engines.org
