Have you had any concerns with the choice of a tool for authentication? This talk is about Rodauth, an awesome authentication framework. We will see how Rodauth compares with existing libraries and what advantages and disadvantages each of them has.
29. Token Authentication
Articles
• An Introduction to Using JWT Authentication in Rails
• Authenticate Your Rails API with JWT from Scratch
• Token-based authentication with Ruby on Rails 5 API
• JWT Auth in Rails, From Scratch
• Implementing JWT in Ruby on Rails-based API
• Authenticate Your Rails API with JWT
• Rails Api Backed With JWT
• Rails, Devise, JWT and the forgotten Warden
require "roda"

# Smallest useful Rodauth application. Rodauth's own routes (login,
# logout, change-password) are dispatched first; everything else the
# app serves is reachable only with an authenticated session.
class RodauthApp < Roda
  # Enable this when the app is mounted as Rack middleware in front of
  # a non-Roda application (see `use RodauthApp` at the bottom).
  # plugin :middleware

  plugin :rodauth do
    enable :login,
           :logout,
           :change_password
  end

  route do |r|
    # Hand /login, /logout and /change-password to Rodauth *before* the
    # authentication check, so a logged-out user can still reach them.
    r.rodauth

    # Unauthenticated requests are stopped here; nothing below runs
    # without a logged-in session.
    # NOTE(review): session cookie / secret configuration is not part of
    # this snippet — confirm the real app sets one.
    rodauth.require_authentication

    # Routes of the Roda application itself go here.
  end
end

# Non-Roda application: mount Rodauth as middleware.
# use RodauthApp

# Roda application: the app itself is the Rack endpoint.
run RodauthApp
require "roda"

# Rodauth wired into a Roda app: the plugin registers its routes, the
# routing tree serves them, and `require_authentication` guards the
# rest of the tree.
class RodauthApp < Roda
  # Only for the non-Roda case, where RodauthApp runs as middleware:
  # plugin :middleware

  plugin :rodauth do
    enable :login, :logout, :change_password
  end

  route do |r|
    # Rodauth's routes first — they must stay reachable without a session.
    r.rodauth

    # From here on a logged-in session is mandatory.
    # NOTE(review): where the session secret comes from is not shown in
    # this snippet — confirm it is configured.
    rodauth.require_authentication

    # Roda application routes follow.
  end
end

# Non-Roda application:
# use RodauthApp

# Roda application:
run RodauthApp
require 'simple_ldap_authenticator'

# Rodauth backed by an LDAP directory instead of a local password table:
# the submitted login string *is* the account, and the password check is
# delegated to the directory.
plugin :rodauth do
  enable :login, :logout

  # No password hashes are stored locally, so bcrypt is not needed.
  require_bcrypt? false

  # There is no accounts table to look the login up in; the login
  # itself stands in for the account record.
  account_from_login do |login|
    login.to_s
  end

  # Persist the login in the session, under :login rather than the
  # default :account_id, since there is no numeric account id here.
  account_session_value do
    account
  end
  session_key :login

  # The directory decides whether the credentials are valid.
  # NOTE(review): confirm the authenticator rejects an empty password
  # outright (an LDAP bind with an empty password can be treated as an
  # unauthenticated bind by the server) — verify against its implementation.
  password_match? do |password|
    SimpleLdapAuthenticator.valid?(account, password)
  end
end
module Auth
  # Roda app that overrides Rodauth's POST /login with custom handling
  # while leaving the remaining Rodauth routes in place.
  class Rodauth < Roda
    plugin :rodauth do
      enable :login
    end

    route do |r|
      # Roda matches routes in order, so this handler receives
      # POST /login before `r.rodauth` gets a chance to; the custom code
      # is then responsible for everything Rodauth's login would have
      # done (credential check, session setup, failure handling).
      r.post 'login' do
        # Custom POST /login handling here
      end

      # NOTE(review): naming this class `Rodauth` inside `Auth` shadows
      # the top-level `Rodauth` constant for code written in this module —
      # confirm nothing here needs `::Rodauth`.
      r.rodauth
    end
  end
end
87. Setup With PostgreSQL
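# Accounts table used by Rodauth. On PostgreSQL the email is stored
# case-insensitively (citext), checked by a database-side regex, and
# kept unique only among accounts whose status_id is 1 or 2 (presumably
# the unverified/verified statuses, so an address freed by a closed
# account can be registered again — confirm against account_statuses).
# Other databases get a plain String column with an unconditional
# unique index.
# NOTE(review): `db`, `database_type`, `get` and `run` are the Sequel
# migration DSL, so this fragment presumably sits inside a migration's
# up block — confirm.
create_table(:accounts) do
  primary_key :id, :type=>:Bignum
  foreign_key :status_id, :account_statuses, :null=>false, :default=>1
  if db.database_type == :postgres
    citext :email, :null=>false
    # Evaluated by PostgreSQL, not by Ruby. The escapes were lost in the
    # slide export ("rn" instead of "\r\n", "." instead of "\."), which
    # would have excluded the letters r and n from addresses and let the
    # dot match any character; this is the intended pattern: no comma,
    # semicolon, space, CR or LF anywhere, and a literal dot in the domain.
    constraint :valid_email, :email=>/^[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+$/
    index :email, :unique=>true, :where=>{:status_id=>[1, 2]}
  else
    String :email, :null=>false
    index :email, :unique=>true
  end
end

case database_type
when :postgres
  # Grant REFERENCES on accounts to the "<current user>_password" role.
  # NOTE(review): that role presumably owns the password-hash table and
  # needs the privilege to declare a foreign key to accounts — confirm.
  # The identifier interpolated into the GRANT is derived from the
  # server's own current_user, not from request input.
  user = get{Sequel.lit('current_user')} + '_password'
  run "GRANT REFERENCES ON accounts TO #{user}"
end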
88. Define Rodauth Features
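# Rodauth configured as a JSON API with a broad set of features enabled.
# `:csrf=>false` and `:flash=>false` skip loading Roda's route_csrf and
# flash plugins; that is only safe if this app serves no cookie-session
# HTML forms. NOTE(review): `:json=>true` (as opposed to `:only`) keeps
# HTML handling alongside JSON as far as Rodauth's option goes — confirm
# no HTML form route is exposed without CSRF protection.
plugin :rodauth, :json=>true, :csrf=>false, :flash=>false do
  # The feature list must not end with a trailing comma: with one, the
  # `max_invalid_logins 2` line below is parsed as a further argument to
  # `enable` and the file fails to parse.
  # NOTE(review): the list may have been cut at the slide boundary —
  # confirm no feature is missing.
  enable :change_password, :close_account, :create_account,
         :login, :logout, :remember, :reset_password, :verify_account,
         :otp, :recovery_codes, :sms_codes, :password_complexity,
         :disallow_password_reuse, :password_grace_period,
         :account_expiration, :single_session, :jwt, :session_expiration

  # Lock the account after two failed logins; a demo setting, tune it
  # against the expected lockout/denial-of-service trade-off.
  max_invalid_logins 2
  allow_password_change_after 60
  verify_account_grace_period 300

  # NOTE(review): `secret` is not defined in this fragment — it must be
  # supplied by the enclosing scope (never hard-coded in source).
  jwt_secret secret

  # Demo stub: instead of sending an SMS, record a placeholder message
  # in a process-global hash, serialised by a mutex.
  sms_send do |_phone_number, _message|
    MUTEX.synchronize{SMS[session_value] = "..."}
  end
end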
93. Registration
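module Auth
  # Rodauth mounted as Rack middleware that issues JWTs: it serves
  # /create-account, /login and /logout as JSON, then passes the request
  # on with the rodauth object exposed in the Rack env.
  class Rodauth < Roda
    # Fail at boot when required configuration is missing, rather than
    # letting a nil database URL or a nil signing secret reach
    # Sequel/Rodauth at request time.
    DB = Sequel.connect(ENV.fetch('DATABASE_URL'))
    plugin :middleware

    plugin :rodauth, json: :only do
      enable :login, :logout, :jwt, :create_account

      # Add the standard JWT `exp` claim so an issued token is only
      # accepted until the configured expiration.
      jwt_session_hash do
        super().merge(exp: SmartTaskApi::Utils.jwt_expiration)
      end

      # Signing secret; must match the one used by any verifying app.
      jwt_secret ENV.fetch('JWT_SECRET')
    end

    route do |r|
      r.rodauth
      # Make the rodauth instance available to the downstream app.
      env['rodauth'] = rodauth
    end
  end
end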
94. Token Authentication
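module Api
  # Rodauth middleware for the API side. Only :jwt is enabled, so this
  # app issues no tokens itself; it verifies the JWT presented on each
  # request and rejects unauthenticated ones before the app runs.
  class Rodauth < Roda
    # Fail at boot on missing configuration instead of passing nil on.
    DB = Sequel.connect(ENV.fetch('DATABASE_URL'))
    plugin :middleware

    plugin :rodauth, json: :only do
      enable :jwt
      # Must be the same secret the token issuer signs with, or no
      # token will validate.
      jwt_secret ENV.fetch('JWT_SECRET')
    end

    route do |r|
      r.rodauth
      # Every request that reaches the downstream app must carry a
      # valid JWT.
      rodauth.require_authentication
      env['rodauth'] = rodauth
    end
  end
end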