Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
70
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
AIともっと楽するE2Eテスト
myohei
8
3k
The Niche of CDK Grant オブジェクトって何者?/the-niche-of-cdk-what-isgrant-object
hassaku63
1
610
iOS 26にアップデートすると実機でのHot Reloadができない?
umigishiaoi
0
140
Flutterで備える!Accessibility Nutrition Labels完全ガイド
yuukiw00w
0
170
ISUCON研修おかわり会 講義スライド
arfes0e2b3c
1
470
LT 2025-06-30: プロダクトエンジニアの役割
yamamotok
0
870
新メンバーも今日から大活躍!SREが支えるスケールし続ける組織のオンボーディング
honmarkhunt
5
8.7k
코딩 에이전트 체크리스트: Claude Code ver.
nacyot
0
930
#QiitaBash MCPのセキュリティ
ryosukedtomita
1
1.5k
“いい感じ“な定量評価を求めて - Four Keysとアウトカムの間の探求 -
nealle
2
12k
Model Pollution
hschwentner
1
160
Python型ヒント完全ガイド 初心者でも分かる、現代的で実践的な使い方
mickey_kubo
1
240
Featured
See All Featured
Music & Morning Musume
bryan
46
6.7k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Adopting Sorbet at Scale
ufuk
77
9.5k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.5k
Agile that works and the tools we love
rasmusluckow
329
21k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.4k
Balancing Empowerment & Direction
lara
1
450
Designing Experiences People Love
moore
142
24k
It's Worth the Effort
3n
185
28k
We Have a Design System, Now What?
morganepeng
53
7.7k
For a Future-Friendly Web
brad_frost
179
9.8k
A better future with KSS
kneath
238
17k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand