I’m about halfway through that post. I’ll let you know once it’s done — I’ve been away from Devise for a while but am finally getting back to authentication and the blog.

Thanks for your feedback!

Alex

Thanks for the great post! It was really helpful when first trying to install Devise. Any chance of you doing a post on how to add a new strategy for logging in using a username or email?

So far, all I’ve found is that the strategy should be added to Warden (I thought it was supposed to be added to Devise), but I don’t know where/how to add and setup the code. (I’m still quite new to Rails.)

Anyway, it would be great if you could do a follow-up post on that, but I’m not sure how busy you are or what else you’ve got planned.

Either way, thanks again for the helpful post!

In the meanwhile, you should check out Devise Facebook Connectable — it provides Facebook authentication and the author has been actively maintaining it and contributing code to Devise itself. Last I check it required you to use only Facebook Connect for accounts and authentication (no local accounts), so it doesn’t work for me, but maybe it can help you out.

Let me know what you find! I’m very interested in how others make Devise work for them.

Thanks! I’ve really enjoyed working with Devise — thank you for the great gem. I’m glad to be able to contribute something useful back to the community.

You make two very good points. I’ve updated the post to include your note about authenticate! v. authenticate_*! — while I’m using only one resource, I want to cover as full a range of features with my blog posts (and multiple resources is a very cool feature).

As far as authentication_keys go, I saw that options when I set up Devise, but that feature didn’t seem to allow exactly what I wanted to do. If I read the code right, all the keys you specify are required to log in, so if you added username to email and password it would require all three.

Since each user on our sites will have a username, I want to offer the ability to log in using either a username or an email (entered interchangeably into the same field) along with the appropriate password. Since it’s probably an infrequent need, I wouldn’t expect that behavior to be supported out of the box; it seems like a great case for a custom strategy. (That’s actually the example I’m planning to use in the next entry to describe how to create your own strategies. Vacation allowing, I’m hoping to get the next entry out before the new year.)

Thanks again for your feedback!

Alex

* The :authenticate! filter is gonna work only when you have just one resource to authenticate. Whenever you’re dealing with many resources, you need to use the specific authenticate_*! methods:

before_filter :authenticate_user!

* In the last versions of Devise (not sure which version it was added) you have some options that let you use different keys to authenticate the user, not just the :email. The first is the :authentication_keys configuration, that is actually the params coming from the form that will be used for authentication. And its complement is the find_for_authentication class method you can override to find the user based on these conditions:

def self.find_for_authentication(conditions)
find(:first, :conditions => conditions)
end

Hope that might be useful =)
And thanks again for the great post. I Look forward to see the second part.
Carlos