Demystifying Warden


Published on

Better position yourself for understanding how devise works

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • I know I’ve met a lot of you, but here is a bit of info about myself
  • Today I’d like to talk a bit about Warden.
  • So, I am going to talk about warden, but the goal of the talk is to understand just enough about warden so that Devise seems a little less magical.
  • Who here has used Devise?Who here has used Warden directly?
  • ON NEXT SLIDEWarden definition
  • AFTER THIS SLIDELets take a look at how warden fits into the rack application stack
  • First off, you are required to use some sort of session middleware upstream of warden. I’ve used Rack::Session for thisNext, warden is a piece of middleware that lazily places a warden proxy object into the rack environmentAll rack applications mounted after warden now have access to this warden object, allowing you to share authentication between any number of rack apps
  • That’s all well and good, but you have to ask, why should I learn more?
  • Now, before we go on, we need to define some terminology.You’ll have to forgive me for a bit of hand-waving, but hopefully it will become more clear after the demo
  • Of course, you’ll need to provide the logic for serializing and deserializing your object into and out of the session. We’ll get to that a bit later
  • Strategies typically define two methods: valid? : This normally just checks to see if the correct parameters are coming in, dismissing the request if they are wasting your time authenticate! : This method houses the logic for determining whether or not the parameters passed in pass or fail authenticationStrategies are cascading
  • This can be any mounted rack app. For example, a Rails controller or Sinatra application.
  • So you can assign which strategies to use for a specific scopeYou can define a default scopeWhen you call authenticate! You can specify which scope you’d like to authenticate against
  • I’ve only scrapped the surface of how Warden worksBut, much like sleeping inside of a tauntaun, Warden isn’t so bad after all…I’ll be at rusty bucket afterwards, I’ll do my best to answer any questions you might haveThanks!
  • Demystifying Warden

    1. 1.
    2. 2. warden<br />
    3. 3. wardenequipping yourself to better understand devise<br />
    4. 4. any love for devise?<br />
    5. 5. okay, so what is warden?<br />
    6. 6. a mechanism for authentication in rack based ruby applications<br />
    7. 7. Warden is upstream of some session middleware<br />Creates an env[‘warden’] proxy<br />Authentication can be shared between several Rack apps <br />
    8. 8. sweet, why should I learn more about it?<br />
    9. 9. create custom light-weight authentication middleware<br />share authentication between multiple Rack apps (rails & sinatra)<br />better understand higher level libraries that use it (i.e. devise)<br />and, well…<br />
    10. 10. Because it’s way awesome!<br />
    11. 11. Mission Debriefing<br />user<br />strategy<br />failure app<br />scope<br />
    12. 12. user – any object that can be serialized into the session marking a request authenticated.<br />
    13. 13. strategy – a place to keep logic for a certain method of authenticating a request<br />
    14. 14.
    15. 15. failure app – a specified rack endpoint after all authentication strategies have failed<br />
    16. 16. scope – a grouping of warden configuration settings.<br />WARNING! This is very oversimplified<br />
    17. 17. env[‘warden’].user(:api)env[‘warden’].authenticated?(:admin)<br />
    18. 18. Demo!<br />*crosses fingers*<br />
    19. 19. Surprisingly nice…<br />