So I'm working on my differently-opinionated version of LoginEngine, and I've come across something I don't quite get.
LoginEngine declares two public class methods (authenticate and authenticate_by_token) on module ClassMethods, which then get mixed into class User via AuthenticatedUser. However, the protected methods that they rely - ahshed and salted_password - on aren't similarly brought into User; they're kept in AuthenticatedUser, and called explicitly. Is there any reason they shouldn't be mixed into User like the public ClassMethods are? Was it just an implementation choice? I haven't played much with access control in Ruby, so maybe there's something I'm missing. Jay Levitt _______________________________________________ engine-developers mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-developers-rails-engines.org
