Hanami::Mimoto - Easy authentication for Hanami


#1

Hey everyone,

I’ve been watching Hanami closely for some time now, and the latest release has conquered my soul - I would like to congratulate you guys for your great work!

As we know Hanami is still young, and so is the ecosystem of available extensions. The one that I am missing the most is authentication. So I started to build a gem - Hanami::Mimoto that focuses on ease of use, flexibility and follows Hanami ‘sound architecture’.

I’ve read previous post on how to provide Hanami with authentication - Tachiban, Warden, etc. In my opinion they lack a vision (except brief thought that @davydovanton has given out in one of the posts.

I have sketched how I envision Hanami::Mimoto to be implemented (in a form of README that you usually see on Github). It is only a quick sketch and it will be elaborated on more, but I hope it gives the idea. I don’t dig into technical details just yet. I am trying to create the route first that could be technically followed later on (begin with the end in mind).

I am writing here in this early stage to seek for your feedback, ideas, and perhaps collaborators - please feel welcome with any of these!

Best regards,
Damian.


#2

Amazing! I like the approach or README driven development, and what your vision is.

One thing I’d like to suggest is using Hanami::Interactor, rather than putting all the business logic in the actions. What do you think? For example: some names could be SignUpUser, LogUserIn, LogUserOut, RemoveUser


#3

@cllns this is a good idea - I’ll note it down. I am sure when I get to implementing controllers I would definitely not want to have all the business logic there - using interactors as abstraction makes sense here.

Thanks for your input!


#4

I like the approach of making it be mostly a generator gem, makes total sense for authentication. If you’re willing to spearhead this I’ll gladly contribute.

I created a small sample app where I checked how simple it would be to leverage warden: https://github.com/radanskoric/hanami_auth_sample

One very minor suggestion is to make the generated templates use classes which just happen to work nicely with bootstrap (or some other css framework, bootstrap is just the most popular one). This can easily be changed later but making the journey from 0 to nice looking authentication shorter should help a lot with adoption.


#5

Hi @radanskoric,

Sure, I see generators as important part of this gem, as I would like it to be as easy as possible for developers to get going with authentication. In the README I mention Warden - Mimoto is going to be based on that, and so I believe there will be a need to plug Warden in (there is a line added in web/application.rb that will be responsible for this).

I think there will be one strategy initially (password strategy) that will use bcrypt (which is fairly common), and the line in the entity that will add necessary methods to make the strategy work.

I wish Mimoto to be as flexible as possible, so developers can write their own strategies (oauth for instance) and easily plug them in.

I see generated forms quite plain - however having perhaps a command line option for Mimoto generator (–template=bootstrap, --template=foundation) is the very like idea.

I am currently working on making the implementation that is seen in README work. Once it’s in Github, I will be more than happy for you guys to join :slight_smile: