Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Gems You Might Not Need - Authentication and Au...

Avatar for Brandon Beacher Brandon Beacher
March 30, 2012
Programming
5
370

Gems You Might Not Need - Authentication and Authorization

Avatar for Brandon Beacher

Brandon Beacher

March 30, 2012
Tweet

More Decks by Brandon Beacher

See All by Brandon Beacher
Ruby for Recruiters
Avatar for Brandon Beacher brandon_beacher
1
70
Academic Software Development Collaboration Tools
Avatar for Brandon Beacher brandon_beacher
3
180

Other Decks in Programming

See All in Programming
GoのGenericsによるslice操作との付き合い方
Avatar for syumai syumai
2
660
社内での開発コミュニティ活動とモジュラーモノリス標準化事例のご紹介/xPalette and Introduction of Modular monolith standardization
Avatar for Mitsuharu Maruyama m4maruyama
1
130
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
Avatar for r-kagaya rkaga
41
27k
セキュリティマネジャー廃止とクラウドネイティブ型サンドボックス活用
Avatar for Kenji Kazumura kazumura
1
190
既存デザインを変更せずにタップ領域を広げる方法
Avatar for Tiphaine tahia910
1
240
技術懸念に立ち向かい 法改正を穏便に乗り切った話
Avatar for popCashew pop_cashew
0
1.5k
業務自動化をJavaとSeleniumとAWS Lambdaで実現した方法
Avatar for GreenFlagProject greenflagproject
1
120
関数型まつりレポート for JuliaTokai #22
Avatar for GOTOH Shunsuke antimon2
0
130
ASP.NETアプリケーションのモダナイズ インフラ編
Avatar for tomokusaba tomokusaba
1
380
複数アプリケーションを育てていくための共通化戦略
Avatar for irof irof
10
4k
カクヨムAndroidアプリのリブート
Avatar for Nabe numeroanddev
0
430
C++20 射影変換
Avatar for Akira Takahashi faithandbrave
0
500

Featured

See All Featured
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
6.6k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.4k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
512
110k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
184
22k
Making Projects Easy
Avatar for Brett Harned brettharned
116
6.2k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
28
3.8k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.6k
Done Done
Avatar for chrislema chrislema
184
16k
Documentation Writing (for coders)
Avatar for Carmen Chung carmenintech
71
4.9k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
330
24k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
22
3.5k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
277
23k

Transcript

  1. Gems You Might Not Need Authentication and Authorization

  2. Authentication Who are you? Authorization Are you allowed to do

    that?

  3. Do I need an authentication gem? Maybe not...

  4. has_secure_password • Built in to newer versions of Rails •

    Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946

  5. Invitations • Add an invitation_token string attribute to your model

    • Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047

  6. Do I need an authorization gem? Maybe not...

  7. Before filters • Methods with redirects https://gist.github.com/2253206

  8. Before filters - a step further • Stay flexible to

    meet needs https://gist.github.com/3f28fd45a9755dfafd72

  9. The Forbid pattern • When you need to get more

    granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303

  10. The Forbid pattern - a step further • Stay flexible

    to meet business needs https://gist.github.com/2253352

  11. The End • Simple • Flexible • Easy to understand