Sign in, Login, Sessions

November 12, 2009

I started a new Rails project last week and had a lot of new-project questions to answer. On every new project, I try to get the boring tasks out of the way as early as possible. Getting a new project started fast is one of the advantages in using Rails but it’s inevitable that you’ll face some problems or decisions that require a pilot. And depending on how often you start new projects or how long it’s been since you started one, you’ve probably forgotten a thing or two. I know I did, but that’s why we have Google.

I began work on the sign in/sign up features since most of my stories require a user. I used authlogic for authentication because it’s awesome (pragmatic, I know). But I couldn’t decide between the phrase “login” or “sign in” so I hit the wild-web to do some research. My research (quick and unscientific) revealed an alarming amount of inconsistency. So I decided to go with “sign in” and move on with life.

While working on the sign in page I stumbled over another problem. If authentication failed, then my nice /signup route was replaced with the ugly /user_session route. So I hit the web again in search of a definitive answer. What I found this time was even more alarming than what I found the first time. There are numerous popular sites that have the same problem. Some sites had sign up links pointing to /login routes and others weren’t even from the same planet. I was unhappy with all the inconsistency. It’s the kind of mess I lose sleep over.

If you want to see for yourself, just have a look at twitter’s sign in page. Twitter’s link reads “login” and as you would expect, it takes you to the /login route. The header and button on the page read “Sign in” and “Sign In” respectively. If you fail to correctly enter your username or password you are redirected to the /sessions route. Whaaaa? I’m not trying to pick on twitter; they weren’t the only offenders. Take a look at github or justin.tv or peepcode’s website. That’s just a small sampling.

I solved my issue with a simple change to the routes.rb file and a small tweak to my sign in form. I updated my sign in form to post to the signin_path and added the following lines to routes.rb:

map.signin 'signin', :controller => 'user_sessions', 
:action => 'new', :conditions => { :method => :get }

map.signin 'signin', :controller => 'user_sessions', 
:action => 'create', :conditions => { :method => :post }