Details

    • Type: Improvement
    • Status: Deployed
    • Priority: Medium
    • Resolution: DeployedToBeta
    • Affects Version/s: 0.9.176
    • Fix Version/s: 0.9.181
    • Required Access Level:
      Admin
    • Milestone:
      Internal 0.9
    • Difficulty:
      Medium
    • Roadmap:
      Admin
    • Components:
      BackEnd

      Description

      This is born from https://otwarchive.atlassian.net/browse/AO3-2839

      Originally reported on Google Code with ID 2842

      The Devise gem is a popular option for authentication with Rails 3: https://github.com/plataformatec/devise
      It includes some functionality that we've implemented ourselves; if we migrated, that
      would be code that we didn't need to maintain, and using a well-supported tool with
      a large community behind it would have some security upsides. I also suspect that migrating
      the users table over wouldn't be very difficult, and there are some good options available
      for integrating it with Omniauth.

      How to test.
      This passes test which is positive. I would ask Betsy in particular to do so as she has a old,old password encrypted form on test.

      Well check that non admins can login and out and can't access admin only pages.
      Check that admins can log in and out with their old password and that they can access admin pages.

        Attachments

          Activity

            People

            • Assignee:
              zz9pzza2 james_
              Reporter:
              zz9pzza2 james_
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: