I agree a guide would be useful. I will first see about adding an admin account to the demo app, then see about writing a guide (though I would appreciate help with the guide). OK, I see you tried combining code from different sources, including some from older code comments. I will try to answer your questions below.
This is a good start, though the routing logic assumes that you enabled the

```ruby
route do |r|
  r.rodauth
  r.rodauth(:admin) # routes admin routes
end
```

Yes, that's necessary 👍🏻
This depends, how much common/differing authentication features that require database tables will main & admin configurations use? If one will be a superset of the other one, feel free to include the model mixin only for that one. But if main configuration uses
This should also be followed up with configuration changes shown in that wiki page.
You haven't enabled the
Then you should remove the
Are you using the latest rodauth-rails version?
This isn't related to multiple configurations, this is when you're using a model name that cannot be inferred from the table name (defaults to
I recommend starting the admin configuration to be exactly the same as the main configuration, and then go from there. The easiest way to do that is using inheritance, by defining a base class, where you copy all current main configuration, and then defining main & admin subclasses of that base class which start out empty. Then gradually decide in what way admin authentication should differ.

```ruby
# app/misc/rodauth_base.rb
class RodauthBase < Rodauth::Rails::Auth
  configure do
    # copy the whole main configuration here
  end
end
```

```ruby
# app/misc/rodauth_main.rb
class RodauthMain < RodauthBase
  configure do
    # empty
  end
end
```

```ruby
# app/misc/rodauth_admin.rb
class RodauthAdmin < RodauthBase
  configure do
    # empty
  end
end
```

```ruby
class RodauthApp < Rodauth::Rails::App
  configure RodauthMain
  configure RodauthAdmin, :admin

  route do |r|
    r.rodauth
    r.rodauth(:admin)
  end
end
```
-
@janko I seem to be getting somewhere. The problem is that the new migration conflicts with the old migration:
Question 1, Question 2,
Calling just current_account gives:
[10] pry(#)> current_account
Question 3, What also confuses me is why is a non-admin account able to sign in through admin/login and /login? (for now, I am replicating the same auth process) How do I prevent this, such that only an admin can sign in via admin/login and a normal user only through /login? In this case I am using the same accounts table with a sub table for roles as per https://github.com/janko/rodauth-rails/wiki/Account-Types
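Question 3 above describes both login routes accepting any account when the admin configuration is a copy of the main one over a shared accounts table. The following is an added example in plain Ruby, not rodauth-rails code and not code from anyone in this thread, that models why that happens and what scoping each configuration's account lookup changes; the class names, `account_type`, the session keys and the in-memory rows are hypothetical, and SHA-256 stands in for a real password hash.

```ruby
require "digest"

# Constructed sample rows standing in for the shared accounts table.
# SHA-256 is a stand-in here; a real app stores a slow password hash.
ACCOUNTS = [
  { id: 1, email: "user@example.com",  type: "main",  pw: Digest::SHA256.hexdigest("user-secret") },
  { id: 2, email: "admin@example.com", type: "admin", pw: Digest::SHA256.hexdigest("admin-secret") },
].freeze

# Hypothetical model of one auth configuration (not the Rodauth API).
class SketchAuth
  def account_type; nil; end             # nil = every row may authenticate
  def session_key; :account_id; end

  # Rows this configuration is allowed to authenticate or load.
  def accounts
    account_type ? ACCOUNTS.select { |a| a[:type] == account_type } : ACCOUNTS
  end

  def login(session, email, password)
    account = accounts.find { |a| a[:email] == email }
    return false unless account && same_digest?(account[:pw], Digest::SHA256.hexdigest(password))
    session[session_key] = account[:id]
    true
  end

  # The scope is re-applied on every load, not only at login time.
  def current_account(session)
    accounts.find { |a| a[:id] == session[session_key] }
  end

  private

  # Comparison that does not stop at the first differing byte.
  def same_digest?(a, b)
    a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Admin configuration copied from main with nothing changed: any account passes.
class CopiedAdminAuth < SketchAuth; end

# Main configuration restricted to ordinary accounts.
class MainAuth < SketchAuth
  def account_type; "main"; end
end

# Admin configuration scoped to admin rows, with its own session key.
class AdminAuth < SketchAuth
  def account_type; "admin"; end
  def session_key; :admin_account_id; end
end
```
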
-
Hi @janko Thanks again for the help! RE: Q2, changing to a subselect seems to just force a logout when I call current_account(:admin),
So stuck, if you have any other thoughts? I think if I can just get current_accounts(:admin) working I might have a working solution for now. RE: "Really not sure where this is coming from. Could you post a full backtrace?" I think we can ignore that? I was calling current_account while in an admin session.. which I assume I should not be doing. But from what I can see it's a similar error to the above with regards to the account_ds(*) query... Hope that makes sense.
-
There's a video documenting this: https://www.youtube.com/watch?v=N6z7AtKSpNI
-
Hi janko & community,
I'm pretty new to rails - so I understand it's not a problem for the very skilled.
The documentation is really comprehensive, however, I am completely confused after trying to set up admin accounts (i.e. Multiple configurations) using the available documentation.
My previous app used Devise and luckily there were a lot of external blogs / threads etc that helped me get the features I needed.
For the app I am working on currently, I was excited to use rodauth-rails due to all the builtin multi-factor auth functionality.
My goal is to have admin accounts, as a means to access sensitive data or app functionality.
Here are the Steps I followed and where I ultimately got stuck?:
Note I get especially confused as to how I am supposed to setup routes...
STEP 1:
The generated rodauth_app.rb file has commented sections for an admin configuration, so I uncommented these:
STEP 2:
I added the admin controller:
STEP 3:
I add :admin to the account.rb model:
Question, should I just replace Rodauth::Rails.model with Rodauth::Rails.model(:admin) above? Does that mean I need two separate account models? One for normal users and one for admin users? I would like to use the same model for both?
STEP 4:
I add the migration for account types:
I then run the migration and manually set one of my existing accounts to be of type admin in the db (using dbeaver)
STEP 5:
I set a page I would like only an admin user to access:
This causes the following routing error: No route matches [GET] "/admin/login"
I tried many things, one of which was to set 'r.rodauth(:admin)' just under r.rodauth based on what I could gather from the docs:
None of this worked?
I gathered from this that I would also have to generate new views for these routes using
rails generate rodauth:views -all --name admin ?
But this is not really what I want, I am happy to just set a user as an admin on the backend and have them login via the existing original routes? i.e. /login NOT /admin/login. Not sure if that's even possible?
STEP 6:
I also tried using the following:
But receive this error:
undefined method `rails_account' for #<#Class:0x00007feb2855ee00:0x00007feb28576028 @scope=#<RodauthApp::Middleware request=#<RodauthApp::Middleware::RodaRequest GET /performance_dashboards> response=#<RodauthApp::Middleware::RodaResponse nil {} []>>>
I have no idea if I should / how to make use of the below while still using only the configs for :admin in rodauth_app.rb (i.e. Single-file configuration):
As you can see - just all over confusion on how to approach the setup?
Think a step by step guide or a demo app with both a normal user account and an admin account setup could go a long way with helping rails beginners like me move over from Devise to Rodauth-rails...
But any guidance as to the above would be greatly appreciated by anyone in the meantime?
Best & thanks!