Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
70
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
Deep Dive into Kotlin Flow
jmatsu
1
370
チームのテスト力を鍛える
goyoki
3
930
Namespace and Its Future
tagomoris
6
710
MCPでVibe Working。そして、結局はContext Eng(略)/ Working with Vibe on MCP And Context Eng
rkaga
5
2.3k
実用的なGOCACHEPROG実装をするために / golang.tokyo #40
mazrean
1
300
Improving my own Ruby thereafter
sisshiki1969
1
160
楽して成果を出すためのセルフリソース管理
clipnote
0
190
Performance for Conversion! 分散トレーシングでボトルネックを 特定せよ
inetand
0
3.4k
RDoc meets YARD
okuramasafumi
4
170
機能追加とリーダー業務の類似性
rinchoku
2
1.3k
為你自己學 Python - 冷知識篇
eddie
1
350
Updates on MLS on Ruby (and maybe more)
sylph01
1
180
Featured
See All Featured
Done Done
chrislema
185
16k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
113
20k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
127
53k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
3k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.9k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.1k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.5k
Six Lessons from altMBA
skipperchong
28
4k
A Tale of Four Properties
chriscoyier
160
23k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand