Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
75
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
ハイパーメディア駆動アプリケーションとIslandアーキテクチャ: htmxによるWebアプリケーション開発と動的UIの局所的適用
nowaki28
0
130
レイトレZ世代に捧ぐ、今からレイトレを始めるための小径
ichi_raven
0
480
『実践MLOps』から学ぶ DevOps for ML
nsakki55
2
500
複数人でのCLI/Infrastructure as Codeの暮らしを良くする
shmokmt
5
1.9k
AIエージェントでのJava開発がはかどるMCPをAIを使って開発してみた / java mcp for jjug
kishida
4
830
AIと協働し、イベントソーシングとアクターモデルで作る後悔しないアーキテクチャ Regret-Free Architecture with AI, Event Sourcing, and Actors
tomohisa
5
14k
Atomics APIを知る / Understanding Atomics API
ssssota
1
230
Querying Design System デザインシステムの意思決定を支える構造検索
ikumatadokoro
1
1.2k
関数実行の裏側では何が起きているのか?
minop1205
1
360
手軽に積ん読を増やすには?/読みたい本と付き合うには?
o0h
PRO
1
120
All(?) About Point Sets
hole
0
230
【レイトレ合宿11】kagayaki_v4
runningoutrate
0
170
Featured
See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.6k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.7k
Visualization
eitanlees
150
16k
Rebuilding a faster, lazier Slack
samanthasiow
84
9.3k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Building Flexible Design Systems
yeseniaperezcruz
329
39k
Keith and Marios Guide to Fast Websites
keithpitt
413
23k
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Statistics for Hackers
jakevdp
799
230k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
Context Engineering - Making Every Token Count
addyosmani
9
440
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
11
950
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
nowaki28
ichi_raven
nsakki55
shmokmt
kishida
tomohisa
ssssota
ikumatadokoro
minop1205
o0h
hole
runningoutrate
honnibal
reverentgeek
eitanlees
samanthasiow
samlambert
yeseniaperezcruz
keithpitt
chrisshort
jakevdp
philnash
addyosmani
tammyeverts
