Rack for User Authentication

Using Rack for user authentication with Rack apps


Transcript

  • 1. Rack For User Authentication http://rirug.com RIRUG
  • 2. Common Web App Needs
  • 3. Common Web App Needs • A User
  • 4. Common Web App Needs • A User • A way to associate requests with that user
  • 5. Many Current Auth Solutions • RESTful Authentication • HTTP Auth • AuthLogic • LDAP • Clearance • CAS • OpenID • Roll Your Own
  • 6. Why Another One?
  • 7. Rack • Rails 2.3 introduced Rack compatibility. • Rails 3 is Rack dependent. • Rack allows for modular application design.
  • 8. Default Rails Rack Stack
  • 9. How Does This Affect Authentication? • Rack allows for “mountable apps” • Rails middleware • Rails metal
  • 10. How will your authentication cope?
  • 11. Apps Usually Need a “User”
  • 12. Current Authentication Systems Will Conflict Between Apps
  • 13. http://rirug.com RIRUG
  • 14. Warden • Injects a lazy proxy into the request • Proxy follows around the request • Does nothing until asked • Authenticates requests for any kind of “user” • Provides a mechanism for authentication • Available to all downstream Rack parts
  • 15. Authenticating (Logging In)
  • 16. Accessing the user
  • 17. Logging Out
  • 18. Authentication Logic • Strategy Based • Packageable • Sharable between discrete apps • Simple
  • 19. Warden Strategy
  • 20. Strategies • Multiple Strategies • Strategies Cascade
  • 21. Rack Setup
  • 22. Rails Integration
  • 23. Warden + Devise
  • 24. Devise • Flexible Rails authentication based on Warden • Rack based • Complete MVC solution using Rails engines • Allows for multiple roles (models/scopes) • Based on modularity
  • 25. Devise Modules • Database Authenticatable • Token Authenticatable • Confirmable • Recoverable • Rememberable • Registerable • Trackable • Timeoutable • Validatable • Lockable
  • 26. Demo
  • 27. Rack Resources • http://rack.rubyforge.org/ • http://rack.rubyforge.org/doc/SPEC.html • http://railslab.newrelic.com/2009/06/05/episode-14-rack-metal
  • 28. Warden Resources • http://www.slideshare.net/hassox/warden-introduction • http://wiki.github.com/hassox/warden/overview • http://github.com/hassox/rails_warden
  • 29. Devise Resources • http://blog.plataformatec.com.br/2010/02/happy-birthday-devise/ • http://github.com/plataformatec/devise • http://rdoc.info/projects/plataformatec/devise • http://railscasts.com/episodes/209-introducing-devise • http://railscasts.com/episodes/210-customizing-devise
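
The lazy proxy from slide 14 and the cascading strategies from slides 18-20, as an added plain-Ruby sketch that is not code from the slides and not Warden's implementation. Every name in it (`LazyAuthProxy`, `PasswordStrategy`, `TokenStrategy`, `AuthMiddleware`, the `env["auth"]` key) and all user data are assumptions constructed for illustration.

```ruby
# Sketch of the pattern on slides 14 and 18-20; not Warden's code, all names hypothetical.
require "openssl"

def kdf(password) # constructed salt and iteration count, for this demo only
  OpenSSL::KDF.pbkdf2_hmac(password, salt: "demo-salt", iterations: 10_000, length: 32, hash: "sha256")
end
PASSWORDS  = { "alice" => kdf("correct horse") } # constructed sample data
API_TOKENS = { "tok-123" => "bob" }              # constructed sample data

# Constant-time comparison, so a mismatch does not leak how many bytes matched.
def secure_eq(a, b)
  a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# A strategy reports whether it applies (valid?) and returns a user or nil.
class PasswordStrategy
  def initialize(env); @params = env["params"] || {}; end
  def valid?; @params.key?("login") && @params.key?("password"); end
  def authenticate
    digest = kdf(@params["password"]) # always computed, whether or not the login exists
    stored = PASSWORDS[@params["login"]]
    @params["login"] if stored && secure_eq(stored, digest)
  end
end

class TokenStrategy
  def initialize(env); @token = env["HTTP_X_AUTH_TOKEN"]; end
  def valid?; !@token.nil?; end
  def authenticate; API_TOKENS[@token]; end
end

# Lazy proxy: built per request, runs no strategy until something asks.
class LazyAuthProxy
  attr_reader :tried
  def initialize(env, strategies); @env, @strategies, @tried = env, strategies, []; end
  def session; @env["session"] ||= {}; end
  def user; session["user"]; end
  def logout; session.delete("user"); end
  def authenticate
    return user if user # already authenticated: no strategy runs again
    @strategies.select { |k| k.new(@env).valid? }.each do |klass|
      @tried << klass # cascade: fall through to the next strategy on failure
      found = klass.new(@env).authenticate
      return (session["user"] = found) if found
    end
    nil
  end
end

# Middleware that injects the proxy so every downstream Rack app can reach it.
class AuthMiddleware
  def initialize(app, strategies); @app, @strategies = app, strategies; end
  def call(env); env["auth"] = LazyAuthProxy.new(env, @strategies); @app.call(env); end
end
```

Because the proxy lives in the request environment rather than in one app's controller layer, each mounted app shares the same authentication result without running its own login logic.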