Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Gems You Might Not Need - Authentication and Au...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Brandon Beacher
March 30, 2012
Programming
380
5
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Gems You Might Not Need - Authentication and Authorization
Brandon Beacher
March 30, 2012
More Decks by Brandon Beacher
See All by Brandon Beacher
Ruby for Recruiters
brandon_beacher
1
84
Academic Software Development Collaboration Tools
brandon_beacher
3
190
Other Decks in Programming
See All in Programming
並列実装の現場、2ヶ月間実務でAIを使い倒したAIもPCも私も限界が近い
ming_ayami
0
130
Language Server 使ってる? 〜VSCode と Zed の場合〜 / Are you using a Language Server? ~For VS Code and Zed~
handlename
0
790
IBM Bobを活用したレガシーアプリの最新化
oniak3ibm
PRO
1
200
技術記事、AIに書かせるか、自分で書くか? 〜それでも私が自分の手で書く理由〜 / #QiitaConference
jnchito
2
1.4k
TypeScript+Orvalで実現する型安全かつ堅牢でスケーラブルなマルチチャネル通知基盤 / TSKaigi Night talks ~after conference~
d0riven
0
350
Semantic Version 単位で戦略を柔軟に変えて、パッケージアップデートを自動化する
daitasu
1
260
Javaの型とAI時代に型が大事な理由 / java types and type in AI era
kishida
2
140
ECSアプリログをFireLensでコスト削減しようとしたけど諦めた話 in Fargate×Node.js
akihisaikeda
2
4.2k
Snowflake Summitでの新機能 CoCo / CoWork / snowflake-summit-2026-overall-what-new-coco
tatsuhiro
1
150
TSKaigi Night Talks 2026_TypeScriptでサプライチェーンの整合性を型に閉じ込める
geekplus_tech
0
400
さぁV100、メモリをお食べ・・・
nilpe
0
140
Lemonade + Foundry Toolkit でお手軽アプリ開発
seosoft
1
360
Featured
See All Featured
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
auna
0
160
Amusing Abliteration
ianozsvald
1
210
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.5k
Navigating Team Friction
lara
192
16k
Large-scale JavaScript Application Architecture
addyosmani
515
110k
KATA
mclloyd
PRO
35
15k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
410
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
590
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
330
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
2k
Agile that works and the tools we love
rasmusluckow
331
21k
Transcript
Gems You Might Not Need Authentication and Authorization
Authentication Who are you? Authorization Are you allowed to do
that?
Do I need an authentication gem? Maybe not...
has_secure_password • Built in to newer versions of Rails •
Adds methods to set and authenticate against a BCrypt password. • This mechanism requires you to have a password_digest attribute. https://gist.github.com/2252946
Invitations • Add an invitation_token string attribute to your model
• Generate the token with ActiveSupport:: SecureRandom.hex https://gist.github.com/2253047
Do I need an authorization gem? Maybe not...
Before filters • Methods with redirects https://gist.github.com/2253206
Before filters - a step further • Stay flexible to
meet needs https://gist.github.com/3f28fd45a9755dfafd72
The Forbid pattern • When you need to get more
granular than before filters • class ForbiddenError < StandardError • rescue_from ForbiddenError https://gist.github.com/2253303
The Forbid pattern - a step further • Stay flexible
to meet business needs https://gist.github.com/2253352
The End • Simple • Flexible • Easy to understand
brandon_beacher
ming_ayami
handlename
oniak3ibm
jnchito
d0riven
daitasu
kishida
akihisaikeda
tatsuhiro
geekplus_tech
nilpe
seosoft
auna
ianozsvald
kevinliebholz
lara
addyosmani
mclloyd
inesmontani
baasie
tammyeverts
cassininazir
aleyda
rasmusluckow
