Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
77
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
日本だけで解禁されているアプリ起動の方法
ryunakayama
0
260
Package Management Learnings from Homebrew
mikemcquaid
0
230
AI Schema Enrichment for your Oracle AI Database
thatjeffsmith
0
330
CSC307 Lecture 06
javiergs
PRO
0
690
Gemini for developers
meteatamel
0
100
izumin5210のプロポーザルのネタ探し #tskaigi_msup
izumin5210
1
140
CSC307 Lecture 08
javiergs
PRO
0
670
「ブロックテーマでは再現できない」は本当か?
inc2734
0
1k
生成AIを使ったコードレビューで定性的に品質カバー
chiilog
1
280
Automatic Grammar Agreementと Markdown Extended Attributes について
kishikawakatsumi
0
200
開発者から情シスまで - 多様なユーザー層に届けるAPI提供戦略 / Postman API Night Okinawa 2026 Winter
tasshi
0
210
Python’s True Superpower
hynek
0
100
Featured
See All Featured
The Cult of Friendly URLs
andyhume
79
6.8k
SEO Brein meetup: CTRL+C is not how to scale international SEO
lindahogenes
0
2.4k
Navigating Team Friction
lara
192
16k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
170
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.1k
Deep Space Network (abreviated)
tonyrice
0
66
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.9k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.3k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
200
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.7k
Tips & Tricks on How to Get Your First Job In Tech
honzajavorek
0
440
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
SiteGround - Reliable hosting with speed, security, and support you can count on.
brandon_beacher
ryunakayama
mikemcquaid
thatjeffsmith
javiergs
meteatamel
izumin5210
inc2734
chiilog
kishikawakatsumi
tasshi
hynek
andyhume
lindahogenes
lara
cassininazir
aleyda
tonyrice
productmarketing
tammyeverts
reverentgeek
denniskardys
jnunemaker
honzajavorek
