Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Gems You Might Not Need - Authentication and Au...

Avatar for Brandon Beacher Brandon Beacher
March 30, 2012
Programming
5
370

Gems You Might Not Need - Authentication and Authorization

Avatar for Brandon Beacher

Brandon Beacher

March 30, 2012
Tweet

More Decks by Brandon Beacher

See All by Brandon Beacher
Ruby for Recruiters
Avatar for Brandon Beacher brandon_beacher
1
70
Academic Software Development Collaboration Tools
Avatar for Brandon Beacher brandon_beacher
3
180

Other Decks in Programming

See All in Programming
AIレビュアーをスケールさせるには / Scaling AI Reviewers
Avatar for technuma technuma
2
230
LLMOpsのパフォーマンスを支える技術と現場で実践した改善
Avatar for po3rin po3rin
8
990
Laravel Boost 超入門
Avatar for Arlo fire_arlo
2
140
為你自己學 Python - 冷知識篇
Avatar for 高見龍 eddie
1
280
自作OSでDOOMを動かしてみた
Avatar for Zakki zakki0925224
1
1.4k
TanStack DB ~状態管理の新しい考え方~
Avatar for じょうげん bmthd
2
350
The state patternの実践 個人開発で培ったpractice集
Avatar for miyanokomiya miyanokomiya
0
150
Improving my own Ruby thereafter
Avatar for monochrome sisshiki1969
1
120
あのころの iPod を どうにか再生させたい
Avatar for orumin orumin
2
2.5k
CSC305 Summer Lecture 12
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
130
AI時代のドメイン駆動設計-DDD実践におけるAI活用のあり方 / ddd-in-ai-era
Avatar for MinoDriven minodriven
24
9.2k
🔨 小さなビルドシステムを作る
Avatar for Mutsuha Asada momeemt
2
610

Featured

See All Featured
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
30
9.6k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
184
22k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
18
1.1k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
284
13k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
248
1.3M
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
70
11k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
33
8.8k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
525
40k
Imperfection Machines: The Place of Print at Facebook
Avatar for Scott Boms scottboms
268
13k

Transcript

  1. Gems You Might Not Need Authentication and Authorization

  2. Authentication Who are you? Authorization Are you allowed to do

    that?

  3. Do I need an authentication gem? Maybe not...

  4. has_secure_password • Built in to newer versions of Rails •

    Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946

  5. Invitations • Add an invitation_token string attribute to your model

    • Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047

  6. Do I need an authorization gem? Maybe not...

  7. Before filters • Methods with redirects https://gist.github.com/2253206

  8. Before filters - a step further • Stay flexible to

    meet needs https://gist.github.com/3f28fd45a9755dfafd72

  9. The Forbid pattern • When you need to get more

    granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303

  10. The Forbid pattern - a step further • Stay flexible

    to meet business needs https://gist.github.com/2253352

  11. The End • Simple • Flexible • Easy to understand