Rack for User Authentication
Upcoming SlideShare
Loading in...5
×
 

Rack for User Authentication

on

  • 5,877 views

Using Rack for user authentication with Rack apps

Using Rack for user authentication with Rack apps

Statistics

Views

Total Views
5,877
Views on SlideShare
5,515
Embed Views
362

Actions

Likes
3
Downloads
24
Comments
0

2 Embeds 362

http://rirug.com 328
http://coderwall.com 34

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Rack for User Authentication Rack for User Authentication Presentation Transcript

  • Rack For User Authentication http://rirug.com RIRUG
  • Common Web App Needs http://rirug.com RIRUG
  • Common Web App Needs • A User http://rirug.com RIRUG
  • Common Web App Needs • A User • A way to associate requests with that user http://rirug.com RIRUG
  • Many Current Auth Solutions • RESTful Authentication • HTTP Auth • AuthLogic • LDAP • Clearance • CAS • OpenID • Roll Your Own http://rirug.com RIRUG
  • Why Another One? http://rirug.com RIRUG
  • Rack Rails 2.3 introduced Rack compatibility. Rails 3 is Rack dependent. Rack allows for modular application design. http://rirug.com RIRUG
  • Default Rails Rack Stack http://rirug.com RIRUG
  • How Does This Affect Authentication? • Rack allows for “mountable apps” • Rails middleware • Rails metal http://rirug.com RIRUG
  • How will your authentication cope? http://rirug.com RIRUG
  • Apps Usually Need a “User” http://rirug.com RIRUG
  • Current Authentication Systems Will Conflict Between Apps http://rirug.com RIRUG
  • http://rirug.com RIRUG
  • Warden • Injects a lazy proxy into the request • Proxy follows around the request • Does nothing until asked • Authenticates requests for any kind of “user” • Provides a mechanism for authentication • Available to all downstream Rack parts http://rirug.com RIRUG
  • Authenticating (Loggin In) http://rirug.com RIRUG
  • Accessing the user http://rirug.com RIRUG
  • Logging Out http://rirug.com RIRUG
  • Authentication Logic • Strategy Based • Packagable • Sharable between discrete apps • Simple http://rirug.com RIRUG
  • Warden Strategy http://rirug.com RIRUG
  • Strategies • Multiple Strategies • Strategies Cascade http://rirug.com RIRUG
  • Rack Setup http://rirug.com RIRUG
  • Rails Integration http://rirug.com RIRUG
  • Warden + Devise http://rirug.com RIRUG
  • Devise • Flexible Rails authentication based on Warden • Rack based • Complete MVC solution using Rails engines • Allows for multiple roles (models/scopes) • Based on modularity http://rirug.com RIRUG
  • Devise Modules • Database Authenticatable • Token Authenticatable • Confirmable • Recoverable • Rememberable • Registerable • Trackable • Timeoutable • Validatable • Lockable http://rirug.com RIRUG
  • Demo http://rirug.com RIRUG
  • Rack Resources • http://rack.rubyforge.org/ • http://rack.rubyforge.org/doc/SPEC.html • http://railslab.newrelic.com/2009/06/05/episode-14-rack-metal http://rirug.com RIRUG
  • Warden Resources • http://www.slideshare.net/hassox/warden-introduction • http://wiki.github.com/hassox/warden/overview • http://github.com/hassox/rails_warden http://rirug.com RIRUG
  • Devise Resources • http://blog.plataformatec.com.br/2010/02/happy-birthday-devise/ • http://github.com/plataformatec/devise • http://rdoc.info/projects/plataformatec/devise • http://railscasts.com/episodes/209-introducing-devise • http://railscasts.com/episodes/210-customizing-devise http://rirug.com RIRUG