Architecture: worker/director (3 main roles) in one same rails app

I want to develop a rails app that does this:

• a public front-end deployed on some place like Heroku
• a private front-end that I can access (this would be someplace like my home/office where it is the only app running)
• a private backend that collects and analyses data (the public front end can access the backend through an API,this would be someplace like my home/office where it is the only app running)

I want to keep the code base the same so I was thinki开发者_如何学Cng of modifying environment variables accordingly.

So, two things:

1. is this a good architecture for this?

2. how would I run a back ground worker thread/process on the private front/backend machine

thanks

This is one application.

My suggestion is that you use an authentication framework, my suggestion would be devise (https://github.com/plataformatec/devise) and an authorization framework like acl9 (https://github.com/be9/acl9) or cancan (https://github.com/ryanb/cancan).

The fact is smarter people than you and I have built fantastic frameworks to solve just this problem and there's no point reinventing the wheel when something already exists. Plus, writing authentications systems might seem easy but it's actually incredibly complicated.

I would also not recommend restful-authentication or acts_as_authenticated, especially if you're building a rails 3 application.

If you're planning on deploying on heroku using environment variables isn't going to work because:

1. The variables will be the same across all of your dynos.
2. If you want to run different apps you need to go for their new database offerings which are quite expensive.

Consolidate everything into one app, your life will be easier in the long run!

For background workers you can use resque and dynamically spin up workers (http://blog.darkhax.com/2010/07/30/auto-scale-your-resque-workers-on-heroku). Use different queues if you want for the public/private facing stuff if they have different SLAs.

I hope this helps, if you have any more questions leave a comment.

What about authorization? I'm using this plugin with Restful authentication for authentication.

With it I define roles and where it can access, and give a role to each user. The user log in and the controller (or the view) checks the user's permissions and respond properly (you'll need to code a bit, but it's the most elegant and safer way, I think).

You could perhaps use authentication to figure out who is accessing things, within the controller.

Couldn't you use a before_filter that authenticated access and authorised different levels of functionality, based on authenticated user?

For authentication, you could go for something simple like this (cheatsheet here):

http://cheat.errtheblog.com/s/acts_as_authenticated/

or a better one:

https://github.com/technoweenie/restful-authentication