Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
70
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
AIレビュアーをスケールさせるには / Scaling AI Reviewers
technuma
2
230
LLMOpsのパフォーマンスを支える技術と現場で実践した改善
po3rin
8
990
Laravel Boost 超入門
fire_arlo
2
140
為你自己學 Python - 冷知識篇
eddie
1
280
自作OSでDOOMを動かしてみた
zakki0925224
1
1.4k
TanStack DB ~状態管理の新しい考え方~
bmthd
2
350
The state patternの実践 個人開発で培ったpractice集
miyanokomiya
0
150
Improving my own Ruby thereafter
sisshiki1969
1
120
あのころの iPod を どうにか再生させたい
orumin
2
2.5k
CSC305 Summer Lecture 12
javiergs
PRO
0
130
AI時代のドメイン駆動設計-DDD実践におけるAI活用のあり方 / ddd-in-ai-era
minodriven
24
9.2k
🔨 小さなビルドシステムを作る
momeemt
2
610
Featured
See All Featured
What's in a price? How to price your products and services
michaelherold
246
12k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
30
9.6k
4 Signs Your Business is Dying
shpigford
184
22k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
1.1k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
284
13k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
The World Runs on Bad Software
bkeepers
PRO
70
11k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.8k
Designing for Performance
lara
610
69k
Code Reviewing Like a Champion
maltzj
525
40k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand