Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
380
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
78
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
The free-lunch guide to idea circularity
hollycummins
0
370
モダンOBSプラグイン開発
umireon
0
180
ネイティブアプリとWebフロントエンドのAPI通信ラッパーにおける共通化の勘所
suguruooki
0
200
Claude Codeログ基盤の構築
giginet
PRO
7
3.7k
KagglerがMixSeekを触ってみた
morim
0
330
20260313 - Grafana & Friends Taipei #1 - Kubernetes v1.36 的開發雜記:那些困在 Alpha 加護病房太久的 Metrics
tico88612
0
240
How to stabilize UI tests using XCTest
akkeylab
0
140
Vuetify 3 → 4 何が変わった?差分と移行ポイント10分まとめ
koukimiura
0
200
20260320登壇資料
pharct
0
130
Angular-Apps smarter machen mit Gen AI: Lokal und offlinefähig - Hands-on Workshop!
christianliebel
PRO
0
140
AIコードレビューの導入・運用と AI駆動開発における「AI4QA」の取り組みについて
hagevvashi
0
560
脱 雰囲気実装! AgentCoreを良い感じに WEBアプリケーションに組み込むために
takuyay0ne
3
400
Featured
See All Featured
Optimising Largest Contentful Paint
csswizardry
37
3.6k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
420
Believing is Seeing
oripsolob
1
97
The untapped power of vector embeddings
frankvandijk
2
1.6k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.2k
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
sarafernandez
1
1.4k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
790
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.7k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.6k
GitHub's CSS Performance
jonrohan
1032
470k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
250
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
hollycummins
umireon
suguruooki
giginet
morim
tico88612
akkeylab
koukimiura
pharct
christianliebel
hagevvashi
takuyay0ne
csswizardry
chikuwait
oripsolob
frankvandijk
mraible
sarafernandez
bluesmoon
jcasabona
philnash
jonrohan
reverentgeek
panda_program
