Authentication with Ruby on Rails & Devise

Question

I am about to build a new site in ruby on rails for residents at my college. The site will allow residents to change their passwords for the college-firewalls (which means there are certain requirements). On the site, each resident will have an account with a number of data assigned to it, and for this I need some authentication.

I've been studying Devise for almost the entire day now, but im starting to wonder if I have a too complicated task, to complete it with Devise.

Problem is, I need the passwords to be stored with DES-encryption, something Im not sure if Devise can handle. Another thing is, users can't make their own profile. Admins will do that (to ensure correct data), which means that user-creation is not the default one. Since there are no controllers for this, is it even possible to do it that way?

I'm not sure if I should keep on going with Devise, or bite the bullet and write it all from scratch instead. Some opinions would be appreciated.

Answer 1

This page on the Devise wiki ( https://github.com/plataformatec/devise/wiki/How-To:-Create-a-custom-encryptor ) tells you how to set up a custom encryptor.

To make it so that admins create a user, remove the :registerable module from the User model. Then add a user resource to your app, example:

scope 'admin' do
  resources :users
end

Set up the new/edit pages with your profile fields, etc., normal rails programming.

For an example using CanCan to control access to the users resource, have a look at this post: http://zyphmartin.com/blog/manage-users-with-devise-and-cancan.

Answer 2

If devise does not exactly do what you need, maybe this recent webcast from Ryan Bates will help you.