Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Authorization
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
57
Academic Software Development Collaboration Tools
brandon_beacher
3
160
Other Decks in Programming
See All in Programming
GraphQLサーバの構成要素を整理する #ハッカー鮨 #tsukijigraphql / graphql server technology selection
izumin5210
4
840
検証も兼ねて個人開発でHonoとかと向き合った話
hanetsuki
1
1.1k
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
340
Hanami and htmx
bkuhlmann
0
210
try!Swift Tokyo 2024 参加報告 LT
akidon0000
1
220
PHP8.3の機能を振り返る / Review of PHP 8.3 features
seike460
PRO
1
110
OpenAPIを中心に考えるAPI開発入門 / Introduction to API Development with a Focus on OpenAPI
seike460
PRO
2
170
デフォルトにして至高、RubyMineの大好きな所
ruzia
0
400
if constexpr文はテンプレート世界のラムダ式である
faithandbrave
3
650
MetricKitで予期せぬ終了を検知する話 / Detect unexpected termination with MetricKit
nekowen
1
190
GitHub Copilotのススメ
marcy731
1
200
Site Reliability Engineering for GMO
pyama86
8
1k
Featured
See All Featured
The Art of Programming - Codeland 2020
erikaheidi
42
12k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
501
140k
Rebuilding a faster, lazier Slack
samanthasiow
73
8.2k
Creatively Recalculating Your Daily Design Routine
revolveconf
210
11k
Documentation Writing (for coders)
carmenintech
60
3.9k
4 Signs Your Business is Dying
shpigford
175
21k
Optimizing for Happiness
mojombo
370
69k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k
The Pragmatic Product Professional
lauravandoore
25
5.8k
Stop Working from a Prison Cell
hatefulcrawdad
266
19k
Web development in the modern age
philhawksworth
202
10k
Web Components: a chance to create the future
zenorocha
305
41k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand