Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
77
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
Claude Codeの「Compacting Conversation」を体感50%減! CLAUDE.md + 8 Skills で挑むコンテキスト管理術
kmurahama
1
780
Patterns of Patterns
denyspoltorak
0
1.1k
Fragmented Architectures
denyspoltorak
0
120
AI Agent Tool のためのバックエンドアーキテクチャを考える #encraft
izumin5210
6
1.7k
Combinatorial Interview Problems with Backtracking Solutions - From Imperative Procedural Programming to Declarative Functional Programming - Part 2
philipschwarz
PRO
0
150
re:Invent 2025 トレンドからみる製品開発への AI Agent 活用
yoskoh
0
680
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
momok47
0
170
KIKI_MBSD Cybersecurity Challenges 2025
ikema
0
1.2k
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
elyza
2
1.2k
コマンドとリード間の連携に対する脅威分析フレームワーク
pandayumi
1
400
GISエンジニアから見たLINKSデータ
nokonoko1203
0
190
PC-6001でPSG曲を鳴らすまでを全部NetBSD上の Makefile に押し込んでみた / osc2025hiroshima
tsutsui
0
210
Featured
See All Featured
Understanding Cognitive Biases in Performance Measurement
bluesmoon
32
2.8k
Tell your own story through comics
letsgokoyo
1
790
Testing 201, or: Great Expectations
jmmastey
46
7.9k
Into the Great Unknown - MozCon
thekraken
40
2.2k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
54
49k
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
290
Building Flexible Design Systems
yeseniaperezcruz
330
40k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
71
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
196
71k
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Utilizing Notion as your number one productivity tool
mfonobong
2
200
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
kmurahama
denyspoltorak
izumin5210
philipschwarz
yoskoh
momok47
ikema
elyza
pandayumi
nokonoko1203
tsutsui
bluesmoon
letsgokoyo
jmmastey
thekraken
madoxten
chrisshort
reverentgeek
yeseniaperezcruz
techseoconnect
soudai
malarkey
mfonobong
