Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Brandon Beacher
March 30, 2012
Programming
5
370
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
Tweet
Share
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
70
Academic Software Development Collaboration Tools
brandon_beacher
3
180
Other Decks in Programming
See All in Programming
Rails Frontend Evolution: It Was a Setup All Along
skryukov
0
140
Startups on Rails in Past, Present and Future–Irina Nazarova, RailsConf 2025
irinanazarova
0
100
データの民主化を支える、透明性のあるデータ利活用への挑戦 2025-06-25 Database Engineering Meetup#7
y_ken
0
360
WebViewの現在地 - SwiftUI時代のWebKit - / The Current State Of WebView
marcy731
0
120
0626 Findy Product Manager LT Night_高田スライド_speaker deck用
mana_takada
0
170
AIエージェントはこう育てる - GitHub Copilot Agentとチームの共進化サイクル
koboriakira
0
590
10 Costly Database Performance Mistakes (And How To Fix Them)
andyatkinson
0
330
Flutterで備える!Accessibility Nutrition Labels完全ガイド
yuukiw00w
0
160
レベル1の開発生産性向上に取り組む − 日々の作業の効率化・自動化を通じた改善活動
kesoji
0
190
20250704_教育事業におけるアジャイルなデータ基盤構築
hanon52_
5
780
PHPでWebSocketサーバーを実装しよう2025
kubotak
0
280
AIプログラマーDevinは PHPerの夢を見るか?
shinyasaita
1
220
Featured
See All Featured
Being A Developer After 40
akosma
90
590k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
181
54k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Designing for humans not robots
tammielis
253
25k
Docker and Python
trallard
44
3.5k
Raft: Consensus for Rubyists
vanstee
140
7k
Art, The Web, and Tiny UX
lynnandtonic
299
21k
Automating Front-end Workflow
addyosmani
1370
200k
How to Ace a Technical Interview
jacobian
278
23k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand