Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Gems You Might Not Need - Authentication and Au...

Avatar for Brandon Beacher Brandon Beacher
March 30, 2012
Programming
5
370

Gems You Might Not Need - Authentication and Authorization

Avatar for Brandon Beacher

Brandon Beacher

March 30, 2012
Tweet

More Decks by Brandon Beacher

See All by Brandon Beacher
Ruby for Recruiters
Avatar for Brandon Beacher brandon_beacher
1
70
Academic Software Development Collaboration Tools
Avatar for Brandon Beacher brandon_beacher
3
180

Other Decks in Programming

See All in Programming
decksh - a little language for decks
Avatar for Anthony Starks ajstarks
4
21k
No Install CMS戦略 〜 5年先を見据えたフロントエンド開発を考える / no_install_cms
Avatar for Masahiko Sakakibara rdlabo
0
470
新しいモバイルアプリ勉強会(仮)について
Avatar for 上ちょ / uetyo uetyo
1
250
DynamoDBは怖くない!〜テーブル設計の勘所とテスト戦略〜
Avatar for hiroto_0411 hyamazaki
0
190
プロダクトという一杯を作る - プロダクトチームが味の責任を持つまでの煮込み奮闘記
Avatar for 幡ヶ谷亭直吉 hiliteeternal
0
420
技術的負債で信頼性が限界だったWordPress運用をShifterで完全復活させた話
Avatar for adachi.ryo rvirus0817
0
420
WebAssemblyインタプリタを書く ~Component Modelを添えて~
Avatar for ruccho ruccho
1
590
階層化自動テストで開発に機動力を
Avatar for ICKX ickx
1
480
「リーダーは意思決定する人」って本当?~ 学びを現場で活かす、リーダー4ヶ月目の試行錯誤 ~
Avatar for Marina Nakagawa marina1017
0
150
[DevinMeetupTokyo2025] コード書かせないDevinの使い方
Avatar for yoshi takumiyoshikawa
2
270
Constant integer division faster than compiler-generated code
Avatar for herumi herumi
2
460
AIのメモリー
Avatar for watany watany
13
1.3k

Featured

See All Featured
BBQ
Avatar for Matthew Crist matthewcrist
89
9.8k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
46
7.5k
Visualization
Avatar for Eitan Lees eitanlees
146
16k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.9k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
351
21k
KATA
Avatar for Megan Lloyd mclloyd
32
14k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2k
Docker and Python
Avatar for Tania Allard trallard
45
3.5k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
10
1k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
431
65k
Fireside Chat
Avatar for paigeccino paigeccino
38
3.6k

Transcript

  1. Gems You Might Not Need Authentication and Authorization

  2. Authentication Who are you? Authorization Are you allowed to do

    that?

  3. Do I need an authentication gem? Maybe not...

  4. has_secure_password • Built in to newer versions of Rails •

    Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946

  5. Invitations • Add an invitation_token string attribute to your model

    • Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047

  6. Do I need an authorization gem? Maybe not...

  7. Before filters • Methods with redirects https://gist.github.com/2253206

  8. Before filters - a step further • Stay flexible to

    meet needs https://gist.github.com/3f28fd45a9755dfafd72

  9. The Forbid pattern • When you need to get more

    granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303

  10. The Forbid pattern - a step further • Stay flexible

    to meet business needs https://gist.github.com/2253352

  11. The End • Simple • Flexible • Easy to understand