Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
66
Academic Software Development Collaboration Tools
brandon_beacher
3
170
Other Decks in Programming
See All in Programming
バックエンドのためのアプリ内課金入門 (サブスク編)
qnighy
8
1.8k
iOSエンジニアから始める visionOS アプリ開発
nao_randd
3
130
ASP. NET CoreにおけるWebAPIの最新情報
tomokusaba
0
360
XStateを用いた堅牢なReact Components設計~複雑なClient Stateをシンプルに~ @React Tokyo ミートアップ #2
kfurusho
1
870
GoとPHPのインターフェイスの違い
shimabox
2
170
Immutable ActiveRecord
megane42
0
140
Software Architecture
hschwentner
6
2.1k
ファインディLT_ポケモン対戦の定量的分析
fufufukakaka
0
490
『品質』という言葉が嫌いな理由
korimu
0
160
Flutter × Firebase Genkit で加速する生成 AI アプリ開発
coborinai
0
150
ARA Ansible for the teams
kksat
0
150
パスキーのすべて ── 導入・UX設計・実装の紹介 / 20250213 パスキー開発者の集い
kuralab
3
730
Featured
See All Featured
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
Art, The Web, and Tiny UX
lynnandtonic
298
20k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
Building Flexible Design Systems
yeseniaperezcruz
328
38k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
1k
A Philosophy of Restraint
colly
203
16k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
550
Into the Great Unknown - MozCon
thekraken
35
1.6k
Optimising Largest Contentful Paint
csswizardry
34
3.1k
Building an army of robots
kneath
302
45k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.2k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
49k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
qnighy
nao_randd
tomokusaba
kfurusho
shimabox
megane42
hschwentner
fufufukakaka
korimu
coborinai
kksat
kuralab
smashingmag
lynnandtonic
caitiem20
yeseniaperezcruz
garrettdimon
colly
irinanazarova
thekraken
csswizardry
kneath
reverentgeek
chrisshort
