Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Authorization
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
57
Academic Software Development Collaboration Tools
brandon_beacher
3
160
Other Decks in Programming
See All in Programming
Amazon SQSコンシューマー疎結合への旅 - 出張! #DevelopersIO IT技術ブログの中の人が語る勉強会 #3
quiver
0
330
Hanami and htmx
bkuhlmann
0
230
使ってみよう Azure AI Document Intelligence
kosmosebi
2
370
Ruby GitHub Packages
bkuhlmann
0
650
Komplexe Oberflächen mit SVG und der Web Animation API
joergneumann
0
680
Elm Form Validation
bkuhlmann
0
520
MetricKitで予期せぬ終了を検知する話 / Detect unexpected termination with MetricKit
nekowen
1
200
ServerAction で Progressive Enhancement はどこまで頑張れるか? / progressive-enhancement-with-server-action
takefumiyoshii
6
450
CDKコントリビュートの最初の壁を越えよう! -簡単issueの見つけ方-
badmintoncryer
3
230
R言語の環境構築と基礎 Tokyo.R 112
bob3bob3
0
280
Going beyond Apache Parquet's default settings
xhochy
0
140
Anthropic Cookbook のおすすめレシピ
schroneko
7
1.3k
Featured
See All Featured
Designing with Data
zakiwarfel
96
4.8k
The Straight Up "How To Draw Better" Workshop
denniskardys
228
130k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
Documentation Writing (for coders)
carmenintech
60
4k
Unsuck your backbone
ammeep
664
57k
Thoughts on Productivity
jonyablonski
60
3.9k
Designing Experiences People Love
moore
136
23k
Testing 201, or: Great Expectations
jmmastey
30
6.4k
Become a Pro
speakerdeck
PRO
13
4.6k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
660
120k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k
Rebuilding a faster, lazier Slack
samanthasiow
74
8.2k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand