Rails tip: restful_authentication without a username


I've personal never understood the point of having a username for web sites when 99% of them also require an email address that is unique to you - just use the email address! In the world of Rails development many developers use the excellent restful_authentication to provide the user login structure, but again out of the box it uses a username. Silly thing. So instead, here's how to make restful_authentication sit rather happy with just an email address.

The first issue is the create_users migration. By default a :login attribute is added which can be simply removed - yes, that's it. Next off is the User model. The first part of this is to remove all references to "login" from the validation statements, so e.g. instead of validates_presence_of :login, :email you have validates_presence_of :email

The second part is a little tricker: all methods that use :login have to be changed to use :email, e.g. the encrypt_password() method uses the login to make the security a little stronger, and, more importantly, the self.authentication() method is based off :login.

Once those changes have been done you can proceed to the next step. The next step is to update the views, both the users/new.rhtml and sessions/new.rhtml files need to tweaked. For users/new.rhtml just remove the paragraph that has the login field and you're done. For the sessions/new.rhtml file you need to replace all references of "login" to "email". The final part is to update the sessions controller, and once again just replace "login" with "email". That should do it. Now load up your app and enjoy simpler authentication!

Bonus Tip:

Now, make your user model even more useful and add first_name and last_name fields to the migration and app/views/user/new.rhtml file. One little thing to watch for - due to how restful_authentication works you'll want to also add those two fields to the attr_accessible line in your User.rb model file. Other than that, you'll make life much easier for both you and your users.

How to reply

Care to add your own 2 cents? Let me know via Twitter or my contact page.