Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Gems You Might Not Need - Authentication and Au...

Avatar for Brandon Beacher Brandon Beacher
March 30, 2012
Programming
5
370

Gems You Might Not Need - Authentication and Authorization

Avatar for Brandon Beacher

Brandon Beacher

March 30, 2012
Tweet

More Decks by Brandon Beacher

See All by Brandon Beacher
Ruby for Recruiters
Avatar for Brandon Beacher brandon_beacher
1
73
Academic Software Development Collaboration Tools
Avatar for Brandon Beacher brandon_beacher
3
180

Other Decks in Programming

See All in Programming
組込みだけじゃない!TinyGo で始める無料クラウド開発入門
Avatar for Kotaro Otaka otakakot
2
380
他言語経験者が Golangci-lint を最初のコーディングメンターにした話 / How Golangci-lint Became My First Coding Mentor: A Story from a Polyglot Programmer
Avatar for uMa uma31
0
480
React Nativeならぬ"Vue Native"が実現するかも?_新世代マルチプラットフォーム開発フレームワークのLynxとLynxのVue.js対応を追ってみよう_Vue Lynx
Avatar for Yuto Nagai(Future) yut0naga1_fa
2
1.9k
Dive into Triton Internals
Avatar for Liam Jongsu Kim appleparan
0
350
Software Architecture
Avatar for Henning Schwentner hschwentner
6
2.4k
data-viz-talk-cz-2025
Avatar for Leonardo Collado-Torres lcolladotor
0
100
Pythonに漸進的に型をつける
Avatar for Nealle nealle
1
140
マンガアプリViewerの大画面対応を考える
Avatar for kk__777 kk__777
0
430
Claude Agent SDK を使ってみよう
Avatar for Hayami Shuhei hyshu
0
1.4k
iOSでSVG画像を扱う
Avatar for Kishikawa Katsumi kishikawakatsumi
0
180
Vue 3.6 時代のリアクティビティ最前線 〜Vapor/alien-signals の実践とパフォーマンス最適化〜
Avatar for Shingo Hiranuma hiranuma
2
330
AI時代に必須!状況言語化スキル / ai-context-verbalization
Avatar for MinoDriven minodriven
2
250

Featured

See All Featured
A better future with KSS
Avatar for Kyle Neath kneath
239
18k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
37
2.6k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
340
57k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
209
24k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k
Visualization
Avatar for Eitan Lees eitanlees
150
16k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2.1k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
272
21k
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
31
2.7k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.6k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
9
940
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
65
7.9k

Transcript

  1. Gems You Might Not Need Authentication and Authorization

  2. Authentication Who are you? Authorization Are you allowed to do

    that?

  3. Do I need an authentication gem? Maybe not...

  4. has_secure_password • Built in to newer versions of Rails •

    Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946

  5. Invitations • Add an invitation_token string attribute to your model

    • Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047

  6. Do I need an authorization gem? Maybe not...

  7. Before filters • Methods with redirects https://gist.github.com/2253206

  8. Before filters - a step further • Stay flexible to

    meet needs https://gist.github.com/3f28fd45a9755dfafd72

  9. The Forbid pattern • When you need to get more

    granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303

  10. The Forbid pattern - a step further • Stay flexible

    to meet business needs https://gist.github.com/2253352

  11. The End • Simple • Flexible • Easy to understand