Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
76
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
チームをチームにするEM
hitode909
0
350
AtCoder Conference 2025「LLM時代のAHC」
imjk
2
530
TestingOsaka6_Ozono
o3
0
170
JETLS.jl ─ A New Language Server for Julia
abap34
1
420
認証・認可の基本を学ぼう前編
kouyuume
0
260
マスタデータ問題、マイクロサービスでどう解くか
kts
0
110
Integrating WordPress and Symfony
alexandresalome
0
160
堅牢なフロントエンドテスト基盤を構築するために行った取り組み
shogo4131
8
2.4k
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
190
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
elyza
2
300
モデル駆動設計をやってみよう ワークショップ開催報告(Modeling Forum2025) / model driven design workshop report
haru860
0
270
ViewファーストなRailsアプリ開発のたのしさ
sugiwe
0
500
Featured
See All Featured
End of SEO as We Know It (SMX Advanced Version)
ipullrank
2
3.8k
Optimising Largest Contentful Paint
csswizardry
37
3.5k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
0
1k
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
0
170
The browser strikes back
jonoalderson
0
60
ラッコキーワード サービス紹介資料
rakko
0
1.7M
The #1 spot is gone: here's how to win anyway
tamaranovitovic
1
860
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
85
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.3k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
54k
Test your architecture with Archunit
thirion
1
2.1k
Code Reviewing Like a Champion
maltzj
527
40k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
hitode909
imjk
o3
abap34
kouyuume
kts
alexandresalome
shogo4131
ivargrimstad
elyza
haru860
sugiwe
ipullrank
csswizardry
aleyda
katarinadahlin
jonoalderson
rakko
tamaranovitovic
mkilby
eileencodes
destraynor
thirion
maltzj
