Census uses Devise and Doorkeeper to manage authentication.
Currently, there are 2 gems to help you set up OAuth, one for staging and one for production. Soon, we will add a configuration option so you don't need to change your Gemfile before pushing to production.
- HTTPS
  - Census only allows authentication over a secure connection. This won't be a problem on a Heroku server, but it's a bit of a headache on localhost. To test OAuth locally, you need to create an SSL certificate and run a local server "securely." Luckily, Nick Martinez wrote a great tutorial to make this work in the "Important Stuff" section of the OAuth staging gem.
- Expiring Tokens
  - Be aware that tokens expire every 90 days. Doorkeeper provides a way to grab a refresh token so your session isn't interrupted.
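
One way a client could handle the 90-day expiry is with the standard OAuth 2.0 `refresh_token` grant against Doorkeeper's `/oauth/token` endpoint, refusing any non-HTTPS URL. This is an added example, not code from Census or its gems; the host `census.example`, the one-day refresh margin, the helper names and the sample token are assumptions.

```ruby
require "net/http"
require "uri"
require "json"

# Assumption: placeholder host; substitute the Census server your app is registered with.
CENSUS_TOKEN_URL = "https://census.example/oauth/token"
REFRESH_MARGIN = 24 * 60 * 60 # assumed policy: refresh one day before expiry

# True when the stored token is inside the refresh margin or already expired.
# `token` is the parsed JSON hash returned by the token endpoint.
def needs_refresh?(token, now: Time.now)
  expires_at = token.fetch("created_at") + token.fetch("expires_in")
  now.to_i >= expires_at - REFRESH_MARGIN
end

# Builds the refresh_token grant request (RFC 6749, section 6).
# Client credentials go in HTTP Basic auth, so they must never travel over plain HTTP.
def build_refresh_request(token, client_id:, client_secret:, url: CENSUS_TOKEN_URL)
  uri = URI(url)
  raise ArgumentError, "token endpoint must be https" unless uri.scheme == "https"
  req = Net::HTTP::Post.new(uri)
  req.basic_auth(client_id, client_secret)
  req.set_form_data("grant_type" => "refresh_token",
                    "refresh_token" => token.fetch("refresh_token"))
  [uri, req]
end

# Sends the request over TLS and returns the new token hash.
def refresh!(token, **creds)
  uri, req = build_refresh_request(token, **creds)
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: true) { |http| http.request(req) }
  raise "refresh failed: HTTP #{res.code}" unless res.is_a?(Net::HTTPSuccess)
  JSON.parse(res.body)
end

# Constructed sample token (not a real credential), shaped like a token response.
SAMPLE_TOKEN = {
  "access_token" => "constructed-access-token",
  "refresh_token" => "constructed-refresh-token",
  "token_type" => "Bearer",
  "expires_in" => 90 * 24 * 60 * 60,
  "created_at" => 1_700_000_000
}.freeze
```

Store the whole hash returned by `refresh!`, since the response can carry a new refresh token that replaces the one you sent.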
Some roles are just a flag for querying, others define your permissions on the site. Below is a list of all the currently available roles.
Note that the staging server is messy and roles may be incorrect for some users. Contact an admin if you need to change your permissions.
- Admin
  - Can CRUD (create, read, update, delete) all aspects of users.
  - Can manage applications.
- Staff / Active Student / Graduated / Mentor
  - Can read and update their own personal info.
  - Can join public groups.
  - Can read cohort information (view cohort pages).
  - Can manage applications.
- Enrolled
  - Can read and update their own personal info.
  - Can read cohort information (view cohort pages).
- Exited / Removed
  - Can't do anything.
- Instructor