Authentication in-rails
•Télécharger en tant que PPTX, PDF•
2 j'aime•713 vues
Slides from my talk at the Eastside Incubator's Rails Chat series. With so many authentication solutions out there (Devise, OmniAuth, AuthLogic, just to name a few), this slide deck goes through various options, and guides with choosing the best authentication solution for your app. The deck covers following areas... Your Own Auth (Authentication from Scratch) Your Own Auth With Facebook Connect OmniAuth (Facebook + Twitter) OmniAuth (Facebook + Twitter + Identity) Devise (+ Omniauthable, example includes Facebook and Twitter) All source code for this talk is available on GitHub at https://github.com/mvaidya/Authentication-In-Rails
Recommandé
Contenu connexe
Similaire à Authentication in-rails
Similaire à Authentication in-rails (20)
Dernier
Dernier (20)
Authentication in-rails
- 2. Experience Technologies V.P. Engineering Dec 2011 - now Software Engineer August 2010 – Dec 2011 Software Engineer Mihir A. Vaidya Feb 2006 – August 2010 Co-Founder and V.P. Engineering ReadyPulse Software Engineer https://www.linkedin.com/in/vaidyamihir May 2004 – Feb 2006 https://twitter.com/mihirvaidya Researcher May 2003 – May 2004
- 3. • • •
- 4. • – –
- 5. • – – • – – – – – – – •
- 6. • • – • • •
- 7. • – • • http_basic_authenticate_with :name => "ror", :password => "rocks", :except=>[:index]
- 8. • – – – • • • • – • • current_user, authenticate_user! – • – – – –
- 9. • –
- 10. • – – • • – • – • – • – • – – • • • • •
- 11. • • • • •
- 12. • • • – – – • – • – –
- 13. • – • – – • – – » • Perform all authentication in a HTML POPUP with your own handler pages before and after Facebook OAuth calls – • • – – • – –
- 14. •
- 15. • • – Sessions#fb_auth •
- 16. • – • •
- 17. • • – • – – • • – – (session[:user_id]) – (current_user, authenticate_user!) • •
- 18. • • • – • – gem „omniauth-twitter‟ – gem „omniauth-facebook‟ – bundle install • – • Rails.application.config.middleware.use OmniAuth::Builder do provider :twitter, APP_CONFIG[:twitter]['consumer_key'], APP_CONFIG[:twitter]['consumer_secret'] provider :facebook, APP_CONFIG[:facebook]['app_id'], APP_CONFIG[:facebook]['app_secret'], :client_options => { :ssl => { :ca_file => "#{Rails.root}/config/ca-bundle.crt" } } End • • (/auth/:provider/callback) – request.env[“omniauth.auth”]
- 19. • – • • • – OmniAuth.config.on_failure = -> env do env[ActionDispatch::Flash::KEY] ||= ActionDispatch::Flash::FlashHash.new env[ActionDispatch::Flash::KEY][:error] = "Authentication failed, please try again." SessionsController.action(:new).call(env) #call whatever controller/action that displays your signup form end
- 20. • – – – – • – –
- 21. • – • •
- 22. • – '/auth/:provider/callback' => 'sessions#create' • – • – – •
- 23. • – provider :identity, on_failed_registration: lambda { |env| # lambda is used so that the class IdentitiesController is not cached (important for dev environment). # That way, changes to the controller will be picked up automatically since # lamda is the rack application to handle failures and not IndentitiesController#new directly IdentitiesController.action(:new).call(env) }
- 24. • – • – –
- 25. • • – • • – • • – • – • • • –
- 26. • – – • – • • – – • – • • – –
- 27. • – • • • • • –
- 28. • • – • –
- 29. • – • – – – • – –
- 30. • • • – – • • • – –
- 31. • • –
- 32. • – – • – • • – • – – • • •
- 33. • • • • – – – – • –
- 34. • • – • – – • – – – • – •
- 35. • • •
- 36. • •
- 40. • – • • • – • • – • – – – – • – – – • • – current_user – authenticate_user!
- 41. • – – – – • password_salt = BCrypt::Engine.generate_salt • password_hash = BCrypt::Engine.hash_secret(password, password_salt) • –
- 42. • – • – • –