Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
65
Academic Software Development Collaboration Tools
brandon_beacher
3
170
Other Decks in Programming
See All in Programming
外部システム連携先が10を超えるシステムでのアーキテクチャ設計・実装事例
kiwasaki
1
290
Snowflake x dbtで作るセキュアでアジャイルなデータ基盤
tsoshiro
2
510
よくできたテンプレート言語として TypeScript + JSX を利用する試み / Using TypeScript + JSX outside of Web Frontend #TSKaigiKansai
izumin5210
5
1.4k
Better Code Design in PHP
afilina
PRO
0
120
ヤプリ新卒SREの オンボーディング
masaki12
0
120
WebフロントエンドにおけるGraphQL(あるいはバックエンドのAPI)との向き合い方 / #241106_plk_frontend
izumin5210
4
1.3k
Tuning GraphQL on Rails
pyama86
2
1.2k
Nurturing OpenJDK distribution: Eclipse Temurin Success History and plan
ivargrimstad
0
690
弊社の「意識チョット低いアーキテクチャ」10選
texmeijin
5
24k
Macとオーディオ再生 2024/11/02
yusukeito
0
350
카카오페이는 어떻게 수천만 결제를 처리할까? 우아한 결제 분산락 노하우
kakao
PRO
0
110
Duckdb-Wasmでローカルダッシュボードを作ってみた
nkforwork
0
110
Featured
See All Featured
How GitHub (no longer) Works
holman
310
140k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Code Reviewing Like a Champion
maltzj
520
39k
Writing Fast Ruby
sferik
627
61k
Side Projects
sachag
452
42k
Become a Pro
speakerdeck
PRO
25
5k
StorybookのUI Testing Handbookを読んだ
zakiyama
26
5.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
109
49k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Optimizing for Happiness
mojombo
376
70k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
kiwasaki
tsoshiro
izumin5210
afilina
masaki12
pyama86
ivargrimstad
texmeijin
yusukeito
kakao
nkforwork
holman
csswizardry
maltzj
sferik
sachag
speakerdeck
zakiyama
marcelosomers
jeffersonlam
aki_iinuma
bermonpainter
mojombo
