Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
70
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
エンジニアインターン「Treasure」とHonoの2年、そして未来へ / Our Journey with Hono Two Years at Treasure and Beyond
carta_engineering
0
410
CSC509 Lecture 05
javiergs
PRO
0
310
開発組織の戦略的な役割と 設計スキル向上の効果
masuda220
PRO
8
1.4k
Go言語の特性を活かした公式MCP SDKの設計
hond0413
1
470
AI Agent 時代的開發者生存指南
eddie
4
2.1k
実践Claude Code:20の失敗から学ぶAIペアプログラミング
takedatakashi
18
8k
Go言語はstack overflowの夢を見るか?
logica0419
0
520
One Enishi After Another
snoozer05
PRO
0
150
CSC305 Lecture 10
javiergs
PRO
0
220
Ktorで簡単AIアプリケーション
tsukakei
0
100
AI 駆動開発におけるコミュニティと AWS CDK の価値
konokenj
5
190
NixOS + Kubernetesで構築する自宅サーバーのすべて
ichi_h3
0
1.1k
Featured
See All Featured
Side Projects
sachag
455
43k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
10
880
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.1k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.1k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.5k
The Power of CSS Pseudo Elements
geoffreycrofte
79
6k
A better future with KSS
kneath
239
18k
Rebuilding a faster, lazier Slack
samanthasiow
84
9.2k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
253
22k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
Navigating Team Friction
lara
190
15k
Designing for humans not robots
tammielis
254
26k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
carta_engineering
javiergs
masuda220
%20(2)%20(1).png){kind=avatar}
hond0413
eddie
takedatakashi
logica0419
snoozer05
tsukakei
konokenj
ichi_h3
sachag
tammyeverts
eileencodes
jcasabona
geoffreycrofte
kneath
samanthasiow
smashingmag
caitiem20
lara
tammielis
