Wednesday, 1 June 2011

Autologin to rubyCAS after create user

From restful_authentication I first got the idea that when a user signs up they can also be automatically logged-in. This as opposed to having them register - then sending them to the login page where they have to re-enter the details they just typed into the registration-form.

Unless you have some kind of click-on-the-email-activation-code-before-logging-in requirement, you shouldn't force your user to go through this dance. It's a tiny nice-to-have that (if all goes well) ends up with a more seamless experience for the user - all win.

If one of your rails apps also deals with signing up your new users - you should be able to mirror this autologin functionality to smoothly get them started straight after registration.

At first glance, it looked like rubyCAS didn't support this - or at least not easily... but it's all tied into the same functionality as logging-in via a form. Autologin uses the same login_to_service method in your create action. You should already have the user's login credentials, so post them to the service and redirect them to whatever "getting started" page they should begin with. You can even just reuse the same cas_login action itself.

So, in the action that creates/registers a new user, add this at the end:

  def create
    # creating a new user code goes here
    if success?
       redirect(cas_login_path(:login => @user.username, :password => params[:new_password]))

Just don't forget to use the pre-encrypted password. :)

This is one article in a series on Rails single-sign-on with rubyCAS

No comments: