Ficlets, Rails and OpenID

Kevin Lawver

This is a presentation. If you'd like to view all the slides like a normal web page, you can.

What is Ficlets?

• The Site
• Collaborative fiction: Any user can add a prequel or sequel to any story
• All content is licensed under Creative Commons
• Using the Flickr API to pull in "inspiration" photos
• Using several feeds to spur story ids

How did Ficlets Happen?

• Proposed at Kerry Parkins' Community in a Box offsite in early December
• It was one of the "winners" and I got approval to build a prototype as an experiment
• I got a very small team (4-5 total for design and dev): no project manager, no product lead, no QA
• Designed in three weeks while I was on vacation, built in two months after I got back.

What Were You Trying to Prove?

• We could use Rails to build high quality viral products quickly and with minimal QA involvement
• I could lead a very small team and crank out a full-fledged product very quickly
• That AOL could embrace the startup model - fuzzy roles, not a lot of process - and do it successfully
• That we could launch a site that accepts OpenID and AOL screen names.
• That we could launch a site that uses Creative Commons

Who Did It?

• Jason Garber - Front end wizard. He did all the microformats, CSS and a lot of javascript, so I didn't have to
• Ari Kushimoto - Did a lot of the UI and her initial take on the logo led us to the final treatment
• Me - Idea, product owner, project manager, architect, designed the database, wrote all the models, controllers, routes, and did a good bit of the install.
• Cindy Li - Lots of UI, initial brainstorming and direction and tons of marketing at SxSW
• Jenna Marino - The awesome visual look of the site and the logo.

What Happens to Ficlets Now?

• We're fixing bugs, rolling them out several times a week
• Waiting to see how ficlets does so we can justify phase two

Why We Used Rails

• I'd been playing with it for months and looking for a "class project"
• It felt like the right choice for rapid development
• Very active community, good documentation, lots of deployment options
• It's fun.

What's Rails?

• Web development framework written in Ruby
• A full-featured MVC, complete with development environment
• As much a philosophy for web development as it is a framework

Why is it Cool?

• It's easy to use
• Super quick to install and get something working
• Lots of plugins, gems and other fantastic tools to speed up development
• Solid development philosophy that enforces best practice, but allows you to get around it if you absolutely have to.

Getting Started With Rails

• Lots of full apps you can download:
  • OS X - Locomotive
  • Windows - InstantRails
• But, you should probably just install it by hand.
  • OS X
  • Windows XP

Creating a Project

• rails project_you_want_to_create
• cd project_you_want_to_create
• script/server
• http://localhost:3000

Getting Something Working

• Create your database
• Configure in config/database.yml
• Create a table in your database
• run script/generate scaffold table_name

The Scale Myth

• With the release of mongrel, scaling Rails is no longer a real problem (or no bigger a problem than any other product).
• Ficlets is currently running on two machines with:
  • 1 apache each
  • 4 mongrels each
• We've handled being boingboing'ed, dugg, ma.gnolia'ed, etc. with no real problems.

OpenID

• Allows for distributed identity - you keep your identity and "share" it with requesting sites
• Identity Providers (like AOL) and Relying Parties (like Ficlets)
• See OpenID

OpenID and Rails

• We decided to use the library at OpenID Enabled
• Provides easy hooks for being both an identity provider and relying party - used on several public sites, and actively developed and supported.

The OpenID Login Process

1. User entered OpenID
2. Relying party requests OpenID, looks for delegate URLs
3. Redirects User to URL found in the openid.server link.
4. User authenticates and grants or denies permission
5. User is redirected by Identity Provider back to Relying Party

The Code: Signin

1. Checks to see if you're already signed in
2. Checks for return URL and sets that in the session
3. If it's a POST
   1. Begins the OpenID login process
   2. Redirects to Identity Provider or returns error

The Code: Signedin

1. Check for success criteria
2. Checks to see if User exists
   1. If User exists
      1. Set session[:user] to User.id
   2. else
      1. Create new User
3. Redirects to intended URL or the homepage

Handling Multiple Userspaces in One App

• Database has not just a login, but a logintype to tell me where the user came from
• Currently support OpenAuth and OpenID, but could support others (intended to support Yahoo's BBAuth but ran out of time)
• We create "pen names" so users "real" identity is kept private.

Lessons Learned

• Rails is fantastic, and makes development "fun"
• Rails provides a great platform for pair programming
• The myth that Rails can't scale is just that - a myth
• I wouldn't skip QA the next time, but it can be done - and I'd spend a lot of time creating test cases
• The design process is a lot more fun when it's collaborative and design and development feels like one team

Conclusion

• It is possible to do things both quickly and well
• We're too entrenched in roles and process to truly innovate
• We have insanely creative and smart people within the company - it's time to unshackle them and let them be both creative and smart.
• OpenID is great, and will bring a lot of people in to our products who don't want AIM screennames.

Questions?

My questions for you:

• How can we do more stuff like this?
• What's standing in the way of innovation?
• What new technologies or methodologies should we be trying out?