Use a PHPBB forum to handle user authentication in your rails app

Im currently in the process of rebuilding in rails. Its currently uses PHPBB to handle logging in and authentication so to make the rebuild simpler I thought keep it working in the same way instead of trying to migrate all the users/passwords to a separate system.

So I wrote a rails gem / plugin to make this a bit easier. It currently works on Rails > 2.3.3. I decided that I still wanted to have a users table in my applications database to make relationships easier but I would just store the stuff that’s important to the app itself (not passwords etc). So if you visit the rails site and are logged in to the forum a user will also be created in your rails app database if one does not exist.

So here is how to get started:

# install the gem
gem install mattfawcett-phpbb-auth

Tell rails that you want to use the gem it by adding the following to your environment.rb

config.gem "mattfawcett-phpbb-auth", :lib => "phpbb_auth", :source => ""

Add an entries to database.yml for phpbb_database_development, phpbb_database_production and phpbb_database_development.

In your config directory create a file called phpbb_auth_settings.rb, copy whats below into the file and change to match your setup.

PHPBB_AUTH_COOKIE_NAME = 'phpbb3_7uah4'; 
PHPBB_AUTH_LOCAL_USER_MODEL_NAME ='User' #this is the name of the model that you will use to store information about  users in your rails app 
PHPBB_AUTH_REMOTE_REMOTE_IDENTIFIER = 'user_email' #I use email to identify somebody, you may want to use the username  instead 
PHPBB_AUTH_REMOTE_LOCAL_IDENTIFIER = 'email' #this is the name of a field on your local user model that will be used to  lookup the value of remote identifier.
PHPBB_AUTH_COLUMNS_TO_DUPLICATE = {:user_website => :website} #specify any additional fields that you would like copying  to your local user model 

In application_controller.rb, include the module

include PhpbbAuth 

How you handle the rest is up to you but here’s what I did. Create a method called set_current_user.

def set_current_user   
  @current_user = current_user 

Add a before filter to the controller to run the method.

before_filter :set_current_user 

You will then have access to the @current_user variable in your controllers and views. This will be either nil if the user is not logged in, or an instance of your local User.

The source is up on Github.

Posted by Matt Mon, 31 Aug 2009 12:12:00 GMT

spree-phpbb-auth - Use an existing phpbb forum for users/authentication with a Spree shopping cart

Im in the process of setting up a Spree shopping cart on an existing site which uses a phpbb forum for storing all users and logging in etc. I wanted the existing users of the site to be able to purchase from the shopping cart area without having to go through another sign up process and have 2 sets of usernames and passwords so iv created a Spree extension called spree-phpbb-auth.

The extension looks for the phpbb session cookie and looks it up in the forum database, if the user is unknkown to the spree application, a user will be created within Spree in the background. The standard Spree authentication system is then used to set that users session up to declare them as being logged in. It overwrites the existing login /logout/register/edit my account actions so that they redirect to the phpbb equivalents.

Its not being used in Production yet but it all seems to work ok locally. There are a few issues that I can think of

  1. Won’t work accross different domains (should work on subdomains if you set the cookie domain to be "" instead of "")
  2. All users that get automatically added to the Spree users table get assigned to the group "users" so it doesn’t look at the phpbb permissions at all.
  3. If you allow your phpbb user to change email addressess then when they hit the cart after a change, they will be registed as a new user.


  • script/extension install git://
  • Change the contents of config/phpbb_auth_settings.rb
  • Add an entry to your database.yml file for "phpbb_database_production"

Posted by Matt Sun, 22 Mar 2009 13:58:00 GMT