Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Brandon Beacher
March 30, 2012
Programming
380
5
Share
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
78
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
Kingdom of the Machine
yui_knk
2
1.4k
2026_04_15_量子計算をパズルとして解く
hideakitakechi
0
130
Programming with a DJ Controller — not vibe coding
m_seki
3
750
GoogleCloudとterraform完全に理解した
terisuke
1
180
アクセシビリティ試験の"その後"を仕組み化する
yuuumiravy
1
190
Import assertionsが消えた日~ECMAScriptの仕様はどう決まり、なぜ覆るのか~
bicstone
2
170
10 Tips of AWS ~Gen AI on AWS~
licux
5
520
Agent Skills を社内で育てる仕組み作り
jackchuka
0
300
書籍「ユーザーストーリーマッピング」が私のバイブル
asumikam
4
460
2026年のソフトウェア開発を考える(2026/05版) / Software Engineering Scrum Fest Niigata 2026 Edition
twada
PRO
19
10k
いつか誰かが、と思っていた フロントエンド刷新5年間の実践知
kiichisugihara
1
250
How Swift's Type System Guides AI Agents
koher
0
330
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
70
39k
Building AI with AI
inesmontani
PRO
1
960
Paper Plane (Part 1)
katiecoart
PRO
0
7k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.5k
Money Talks: Using Revenue to Get Sh*t Done
nikkihalliwell
0
210
Understanding Cognitive Biases in Performance Measurement
bluesmoon
32
2.9k
[RailsConf 2023] Rails as a piece of cake
palkan
59
6.5k
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
Facilitating Awesome Meetings
lara
57
6.8k
First, design no harm
axbom
PRO
2
1.2k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
yui_knk
hideakitakechi
m_seki
terisuke
yuuumiravy
bicstone
licux
jackchuka
asumikam
twada
kiichisugihara
koher
afnizarnur
akihiro_kokubo
inesmontani
katiecoart
morganepeng
sergeychernyshev
nikkihalliwell
bluesmoon
palkan
hatefulcrawdad
lara
axbom
