Rails 3 Authentication: Authlogic vs Devise
I have always used Authlogic in Rails 2.3 but now that I am using Rails 3 I think I might try out a new authentication solution.
How does Devise compare wi开发者_Go百科th Authlogic? What are their differences?
I've used them both, but not extensively. In my last project, I gave Devise a shot. I ended up using Rails-Warden instead.
for devise, if you want to send successful login to "welcome/index" you add to routes.rb
namespace :user do
root :to => "welcome#index"
end
as documented https://github.com/plataformatec/devise/wiki/How-To:-Redirect-to-a-specific-page-on-successful-sign-in
personally, i like devise. it think it's great and i guess you can call it "opinionated" but those opinions can be easily overwritten.
I found Devise too opinionated for me. If you just want to accept the way it does things out of the box it is good and easy to get going. I had some specific requirements and found myself writing things to get round Devise so ended up ripping it out and updating Authlogic to Rails3 instead.
Like the original questioner, I too had always used AuthLogic in the Rails 2.3 days but made the choice to use Devise when AuthLogic wasn't ready for Rails 3.1 (when it was at the RC stage). Overall I've made Devise do what I want but I'm unhappy and wish I hadn't made the change.
User Authentication seems simple on the surface and an ideal thing to "componentize" but so many times you want to let a user engage with your site fully before requiring login and Devise makes this harder.
Yes features like putting after_sign_in_path_for / after_sign_up_path_for into Application Controller work but these functions are really intended to do nothing more than return a path and if you're using Devise you'll find yourself sticking big blocks of code into them. It works but having your own users controller to handle user related actions is, to me, more elegant.
If you need multiple OAuth authentication to Twitter, Facebook, LinkedIn and Google, you can use the OmniAuth gem along with Authlogic. Easy to figure out and gives you complete control over what happens as users authenticate from different social sites, which you do in authorizations_controller.rb.
I like Devise. You can use OmniAuth with Devise too. I think that the Devise project is very active, and it has a big support on the internet.
精彩评论