Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
380
5
Share
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
78
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
実践ハーネスエンジニアリング #MOSHTech
kajitack
7
5.1k
一度始めたらやめられない開発効率向上術 / Findy あなたのdotfilesを教えて!
k0kubun
3
2.6k
Reactive ❤️ Loom: A Forbidden Love Story
franz1981
2
210
Feature Toggle は捨てやすく使おう
gennei
0
390
PHPのバージョンアップ時にも役立ったAST(2026年版)
matsuo_atsushi
0
270
条件判定に名前、つけてますか? #phperkaigi #c
77web
2
880
Java 21/25 Virtual Threads 소개
debop
0
310
Migration to Signals, Signal Forms, Resource API, and NgRx Signal Store @Angular Days 03/2026 Munich
manfredsteyer
PRO
0
200
ローカルで稼働する AI エージェントを超えて / beyond-local-ai-agents
gawa
1
190
我々はなぜ「層」を分けるのか〜「関心の分離」と「抽象化」で手に入れる変更に強いシンプルな設計〜 #phperkaigi / PHPerKaigi 2026
shogogg
2
720
野球解説AI Agentを開発してみた - 2026/02/27 LayerX社内LT会資料
shinyorke
PRO
0
380
Codex CLI でつくる、Issue から merge までの開発フロー
amata1219
0
260
Featured
See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Building a A Zero-Code AI SEO Workflow
portentint
PRO
0
420
Collaborative Software Design: How to facilitate domain modelling decisions
baasie
0
180
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.9k
Building AI with AI
inesmontani
PRO
1
830
Are puppies a ranking factor?
jonoalderson
1
3.2k
Marketing to machines
jonoalderson
1
5.1k
The Invisible Side of Design
smashingmag
302
51k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
140
What's in a price? How to price your products and services
michaelherold
247
13k
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.1k
Keith and Marios Guide to Fast Websites
keithpitt
413
23k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
kajitack
k0kubun
franz1981
gennei
matsuo_atsushi
77web
debop
manfredsteyer
gawa
shogogg
shinyorke
amata1219
samlambert
portentint
baasie
reverentgeek
inesmontani
jonoalderson
smashingmag
tmiket
michaelherold
keithpitt
