Im trying to allow users to login to a website by verifying if they are registered users of a sister website. Im not really sure what is the best way to implement this. The website which is referred to uses authlogic authentication, so would it be wise to have a REST method that the new website calls to obtain a session token of some sort.
Thanks in advance.
Do you want to check credentials only or sync sessions too? --i.e., if I'm logged in website A, I'm also logged in website B. If it's the second case, you need some sort of single-sign-on solution. CAS seems to be a protocol with solid Ruby implentations (see Ruby CAS Server and Ruby CAS client. Keep in mind that you'd have to rewrite both apps if you decide to go this way.
If the database is setup to accept external connections, you can access the user info directly that way.