Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
78
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
How to stabilize UI tests using XCTest
akkeylab
0
140
Claude Code Skill入門
mayahoney
0
440
Mastering Event Sourcing: Your Parents Holidayed in Yugoslavia
super_marek
0
120
ベクトル検索のフィルタを用いた機械学習モデルとの統合 / python-meetup-fukuoka-06-vector-attr
monochromegane
2
560
モダンOBSプラグイン開発
umireon
0
180
PHPで TLSのプロトコルを実装してみる
higaki_program
0
510
今年もTECHSCOREブログを書き続けます!
hiraoku101
0
180
Codex CLIのSubagentsによる並列API実装 / Parallel API Implementation with Codex CLI Subagents
takatty
2
580
Strategy for Finding a Problem for OSS: With Real Examples
kibitan
0
110
S3ストレージクラスの「見える」「ある」「使える」は全部違う ─ 体験から見た、仕様の深淵を覗く
ya_ma23
0
1.2k
実践ハーネスエンジニアリング #MOSHTech
kajitack
7
4.5k
Angular-Apps smarter machen mit Gen AI: Lokal und offlinefähig - Hands-on Workshop!
christianliebel
PRO
0
140
Featured
See All Featured
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.2k
Between Models and Reality
mayunak
2
240
The World Runs on Bad Software
bkeepers
PRO
72
12k
Scaling GitHub
holman
464
140k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
8k
Accessibility Awareness
sabderemane
0
85
A Soul's Torment
seathinner
5
2.5k
Building the Perfect Custom Keyboard
takai
2
720
Typedesign – Prime Four
hannesfritz
42
3k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.1k
30 Presentation Tips
portentint
PRO
1
260
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
420
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
akkeylab
mayahoney
super_marek
monochromegane
umireon
higaki_program
hiraoku101
takatty
kibitan
ya_ma23
kajitack
christianliebel
charlesmeaden
mayunak
bkeepers
holman
eileencodes
sabderemane
seathinner
takai
hannesfritz
ipullrank
portentint
marktimemedia
