These are two basically different things: the first is nothing more than a login screen, the second is far more useful.
acts_as_authenticated (AAA) is a good starting point. It is easy to install and to configure.
Once you have login control for your users, the next BIG THING is to assign roles and permissions — to control how they are using the app. This is the Authorization plugin.
AAA Howto
- it is very simple, a good documentation can be found at plugins homepage.
- don’t forget the # Be sure to include AuthenticationSystem in Application Controller instead # thing
Authorization Howto
- first you should install and configure AAA
- the install the Authorization plugin, the install instructions are good.
- download the demo app, and run to see the rich features of the plugin.
- Add acts_as_authorized_user to /models/user.rb
- Add acts_as_authorizable to all your models which will have roles assigned. This will create automatically has-many relationship to the Roles table.
- Hardwire some roles like admin, site_admin in user.rb, take the example from the demo app.
- Start using “permit” and “has_role” extensively.
- <<under construction>>
