Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
rodauth device and you
Search
Anton Davydov
October 22, 2016
Programming
260
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
rodauth device and you
Anton Davydov
October 22, 2016
More Decks by Anton Davydov
See All by Anton Davydov
How to make a technical decision
davydovanton
0
150
МГТУ
davydovanton
0
110
Events. Events. Events! - krk.rb
davydovanton
0
160
Events. Events. Events!
davydovanton
0
850
Event Sourcing RubySPBConf 2k18
davydovanton
1
220
Architecture of hanami applications
davydovanton
1
7.8k
Hanami Architecture
davydovanton
2
330
viewing ruby blossom kaigi2017
davydovanton
0
760
viewing ruby blossom rdrc2017
davydovanton
2
240
Other Decks in Programming
See All in Programming
Spring Security 実践 ─ GraphQL APIで実務に役立つ 認証・認可 を学ぶ
wagyu
0
260
並列実装の現場、2ヶ月間実務でAIを使い倒したAIもPCも私も限界が近い
ming_ayami
0
130
例外の正しい扱い方 そのエラー try-catchして大丈夫?
jinwatanabe
0
280
LLMによるContent Moderationの本番運用の裏側と品質担保への挑戦
suikabar
3
770
軽量Java基盤の設計 DIコンテナに頼らない、長期保守と1秒起動の実現 JJUG CCC 2026 Spring
macha64
0
570
Javaの型とAI時代に型が大事な理由 / java types and type in AI era
kishida
2
150
肥大化するレガシーコードに立ち向かうためのインターフェース分離と依存の逆転 / JJUG CCC 2026 Spring
hirokunimaeta
0
620
AI時代のUIはどこへ行く?その2!
yusukebe
22
7.5k
LLM本来の能力を解き放つサンドボックス技術とAI民主化への適用
yukukotani
3
4.5k
エンジニアと一緒にテストコードの設計と実装を改善した話
mototakatsu
0
220
ADKを使って簡単にAIエージェントを作ってみよう
k1mu21
0
280
エンジニア向け会社紹介/Findy Company Profile
findyinc
6
350k
Featured
See All Featured
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
2
220
Thoughts on Productivity
jonyablonski
76
5.2k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Prompt Engineering for Job Search
mfonobong
0
350
Six Lessons from altMBA
skipperchong
29
4.3k
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
1.1k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
25k
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3.5k
Building Applications with DynamoDB
mza
96
7.1k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
270
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
120k
Transcript
None
Anton Davydov github.com/davydovanton twitter.com/anton_davydov davydovanton.com
OpenSource
None
None
None
None
authentication
typical authentication
• user authentication • working with current user • security
• different auth ways (OTP, OmniAuth, 2FA) • simple way to use it with other frameworks
but in a real life we have some
• wasting time for typical functionality • complicated logic •
magic in models/controllers • it’s hard to add new feature
and actually we can use…
devise
devise ❤ • popular • based on Rails engines •
use only what you really need • add-ons • fast for production
devise • only rails • problem with custom logic •
creates unnecessary raws in table • hulk • can be difficult to integrate
warden
sorcery
custom solution
custom solution ❤ • absolutely custom • works only for
special cases • works good when other solutions sucks
• DRY in each application • spend much time for
simple cases • you can write • you need to write all popular solutions custom solution
what problems we have • no simplicity • no flexibility
• magic • only for rails
rodauth github.com/jeremyevans/rodauth
rodauth ❤ • fast • simple • easy to integrate
with other frameworks • many features from the box • use only what you need
rodauth • little-known solution • new technology (from Jun 7,
2015) • another routing framework
Jeremy Evans github.com/jeremyevans
roda github.com/jeremyevans/roda
roda: general ideas • simplicity • reliability • extensibility •
performance
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
rodauth: general ideas
security
simplicity
flexibility
all features
login logout change password change login reset password create account
close account verify account confirm account remember lockout OTP recovery codes SMS codes verify change login verify account grace period password grace period password complexity disallow password reuse password expiration account expiration session expiration single session JWT (JSON API)
architecture
it’s just a plugin for roda
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
how we can use rodauth with other apps
general idea for integration
use middleware
Rack Rodauth Your app
Rack Rodauth Your app
Rack Rodauth Your app
Rack environment session Rodauth Your app
github.com/jeremyevans/rodauth-demo-rails
https://git.io/vPDao
github.com/davydovanton/rodauth_hanami
github.com/davydovanton/grape-rodauth JSON auth only
but we live in real world and we won’t use
this
how we can use these ideas in our apps
devise
None
None
use separate Account model instead of User/Admin
put all logic to separate application like admin app
don’t put all your logic to Model
bonus
None
• roda.jeremyevans.net • rodauth.jeremyevans.net • groups.google.com/forum/#!forum/ruby-roda • irc://chat.freenode.net/#roda • trailblazer
and devise: goo.gl/cdANIA
conclusions
None
github.com/davydovanton twitter.com/anton_davydov davydovanton.com Thank you