/ae_users

An authentication and authorization plugin for Rails

Primary LanguageRuby

AeUsers
=======

This is the authentication system used in Alleged Entertainment Rails 
applications such as Journey and ProCon.  For more information, go to 
www.aegames.org.

Initial Setup
=============

For MySQL, run the included "schema.sql" file on your target database.  This
will create the shard ae_users user info tables.

For other databases, you are on your own for now.  Sorry.  :(

Migrating from AeUsers 0.1
==========================

To migrate from AeUsers 0.1, run the following SQL commands in your ae_users
database:

alter table email_addresses add column person_id int;
update email_addresses, accounts, people set email_addresses.person_id=people.id 
  where email_addresses.account_id = accounts.id 
        and people.account_id = accounts.id;
alter table email_addresses drop column account_id;

alter table accounts add column person_id int;
update accounts, people set accounts.person_id=people.id 
  where accounts.id = people.account_id;
alter table people drop column account_id;

create table open_id_identities (id int not null auto_increment primary key, 
                                 person_id int, identity_url varchar(4000));

You'll also want to run this command in each of your application databases:

create table auth_tickets (id int not null auto_increment primary key, 
  secret varchar(40) unique, person_id int, created_at datetime, 
  updated_at datetime, expires_at datetime);

And if you want to enable permission caching (experimental, but can dramatically 
increase performance in some cases), run these commands in each of your 
application databases for which you want to enable it:

create table permission_caches (id int not null auto_increment primary key, 
  person_id int, permissioned_id int, permissioned_type varchar(255), 
  permission_name varchar(255), result tinyint(1));
create index index_permission_caches_on_person_id on permission_caches 
  (person_id);
create index index_permission_caches_on_permissioned on permission_caches 
  (permissioned_id, permissioned_type);
create index index_permission_caches_on_permission_name on permission_caches 
  (permission_name);