While digging around for a couple of days, I noticed that I couldn’t find a readily available resource for setting up Rick Olson’s - Restful Authentication with Scott Barron’s acts_as_state_machine. In a quest to get these two to play nicely together, I figured I would try to document how to set it all up properly.

For a little background, Restful Authentication is one of the most popular generator plugins for creating a user management system so that visitors to your application can sign up for a membership, get emailed a link to activate your account and login / logout.

acts_as_state_machine (AASM) is used to create a model that handles a number of states. It helps to think of a state as a status. In this scenario, we are talking about the status of a user — such as :pending, :active, and :suspended . AASM also handles the transitional actions it will take to move from one state to another. For example, when a user signs up successfully, they are added to the user table with a state of “:pending”. Once they click the activation link in the automated user verification email, their status changes to “:active”. The restful_authentication plugin uses AASM to check the permission of each and to see whether they are allowed to log in.

1. Make your app and jump into the vendor directory

rails www
cd www/vendor/plugins

2. Download the latest version of the Restful Authentication plugin

(this will require you to have the git utility installed). As of writing this article, the last big update to the plugin was in May of 2008 so keep an eye out to see that the same is true when you clone the plugin.
git clone git://github.com/technoweenie/restful-authentication.git

3. Remove the hypen in the name of the plugin folder

Certain versions of Rails have returned an error due to the hyphen in the name of the folder, “restful-authentication”. Therefore, we rename the folder.
mv restful-authentication/ restful_authentication/

4. Install acts_as_state_machine

cd ../../
script/plugin install \
http://elitists./svn/plugins/acts_as_state_machine/trunk/

5. Generate the restful_authentication files and settings

This is where the magic happens: this will build your restful authentication system. Just to briefly touch on the parameters and flag. “user” is the name of the model that will handle the user system: things like the name, the email address, the password, and :state (whose mechanics will be controlled by acts_as_state_machine). “sessions” is the name of the controller that will handle the sessions (logging in and out). The flag, “- -stateful”, tells restful_authentication that you plan on using acts_as_state_machine.script/generate authenticated user sessions --stateful

6. Add a map for the activation link

You can add this anywhere within the do block.
config/routes.rbmap.activate '/activate/:activation_code', :controller => 'users', :action => 'activate', :activation_code => nil

7. Add an observer to the user model
config/enviroment.rb

config.active_record.observers = :user_observer


8. Add email configuration

I added this in config/environments/development.rb , but if you want this setting to work in all environments, add it to config/environments.rb
config/environments/development.rbconfig.action_mailer.delivery_method = :sendmail

9. Tweek the settings that show up in the emails

Here are a sample of my settings, you can do this however suits your app. Replace the domain name with your own, ex. “localhost”. When in development mode, append :3000 to the url, ex “localhost:3000/activate…”.

app/model/user_mailer.rb

class UserMailer < ActionMailer::Base
def signup_notification(user)
setup_email(user)
@subject += 'Please activate your new account'
@body[:url] = “http://www./activate/#{user.activation_code}”
end
def activation(user)
setup_email(user)
@subject += ‘Your account has been activated!’
@body[:url] = “http://www./”
end
protected
def setup_email(user)
@recipients = “#{user.email}”
@from = “do-not-reply@”
@subject = “FakingFantastic.com - ”
@sent_on = Time.now
@body[:user] = user
end
end


With this, RA and AASM are now all set up and running. Now, i will quickly make a home page, and output flashes so you can see the messages RA makes while you are signing up.

1. Make a controller for a homepage

script/generate controller site index

2. Add a root map to point to the page
config/routes.rb

map.root :controller => "site", :view => "index"

3. Create application.html.erb, add flash outputs and yield to site to see messages from rest_auth
app/views/layout/application.html.erb

<%= flash[:notice] %>
<%= flash[:error] %>
<%= yield %>

4. Build the database and remove the default homepage

rake db:migrate
rm public/index.html

That’s all it takes. To see the system in action, fire up your server using “script/server” and navigate to “/signup’. You will be greeted by the following screen.

Restful Authentication Signup Screen

After properly filling out the form, you will be registered into the system with a state of “pending”.

Successful Registration

As it says, an email with an activation link has been sent out. You can tail the development log found in

and look for the email message. It should appear as something like this:

Email inside of development log

If you copy that activation link into your browser, it will trigger the User controller and the activate action thanks to the activation route we put in. This will change the users state from :pending to :active so that they can log in. Once complete, you should be redirected to the login screen with a message letting you know it worked.

Sign-Up Complete

Type in your credentials and you should be able to log in successfully.

Successful Login

That’s it. If you found this helpful, be sure to check out my next post where I change restful_authentication to use the email address as the login name.