Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Gems You Might Not Need - Authentication and Au...

Avatar for Brandon Beacher Brandon Beacher
March 30, 2012
Programming
5
370

Gems You Might Not Need - Authentication and Authorization

Avatar for Brandon Beacher

Brandon Beacher

March 30, 2012
Tweet

More Decks by Brandon Beacher

See All by Brandon Beacher
Ruby for Recruiters
Avatar for Brandon Beacher brandon_beacher
1
70
Academic Software Development Collaboration Tools
Avatar for Brandon Beacher brandon_beacher
3
180

Other Decks in Programming

See All in Programming
AIともっと楽するE2Eテスト
Avatar for Yohei Maeda myohei
8
3k
The Niche of CDK Grant オブジェクトって何者?/the-niche-of-cdk-what-isgrant-object
Avatar for hassaku63 hassaku63
1
610
iOS 26にアップデートすると実機でのHot Reloadができない?
Avatar for Aoi Umigishi umigishiaoi
0
140
Flutterで備える!Accessibility Nutrition Labels完全ガイド
Avatar for 野瀬田 裕樹 yuukiw00w
0
170
ISUCON研修おかわり会 講義スライド
Avatar for Yuki Yata arfes0e2b3c
1
470
LT 2025-06-30: プロダクトエンジニアの役割
Avatar for Keisuke Yamamoto yamamotok
0
870
新メンバーも今日から大活躍!SREが支えるスケールし続ける組織のオンボーディング
Avatar for HonMarkHunt honmarkhunt
5
8.7k
코딩 에이전트 체크리스트: Claude Code ver.
Avatar for nacyot nacyot
0
930
#QiitaBash MCPのセキュリティ
Avatar for Tommy(sigma) ryosukedtomita
1
1.5k
“いい感じ“な定量評価を求めて - Four Keysとアウトカムの間の探求 -
Avatar for Nealle nealle
2
12k
Model Pollution
Avatar for Henning Schwentner hschwentner
1
160
Python型ヒント完全ガイド 初心者でも分かる、現代的で実践的な使い方
Avatar for MIKIO KUBO mickey_kubo
1
240

Featured

See All Featured
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
6.7k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.4k
Adopting Sorbet at Scale
Avatar for Ufuk Kayserilioglu ufuk
77
9.5k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
23
3.5k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
329
21k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.4k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
1
450
Designing Experiences People Love
Avatar for Jonathan Moore moore
142
24k
It's Worth the Effort
Avatar for 3n 3n
185
28k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
53
7.7k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.8k
A better future with KSS
Avatar for Kyle Neath kneath
238
17k

Transcript

  1. Gems You Might Not Need Authentication and Authorization

  2. Authentication Who are you? Authorization Are you allowed to do

    that?

  3. Do I need an authentication gem? Maybe not...

  4. has_secure_password • Built in to newer versions of Rails •

    Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946

  5. Invitations • Add an invitation_token string attribute to your model

    • Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047

  6. Do I need an authorization gem? Maybe not...

  7. Before filters • Methods with redirects https://gist.github.com/2253206

  8. Before filters - a step further • Stay flexible to

    meet needs https://gist.github.com/3f28fd45a9755dfafd72

  9. The Forbid pattern • When you need to get more

    granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303

  10. The Forbid pattern - a step further • Stay flexible

    to meet business needs https://gist.github.com/2253352

  11. The End • Simple • Flexible • Easy to understand