O'Reilly logo

The Rails 5 Way, Fourth Edition by Kevin Faustino, Obie Fernandez

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 14 Authentication and Authorization

Thanks goodness [sic], there’s only about a billion of these because DHH doesn’t think auth/auth [sic] belongs in the core.

—George Hotelling at http://del.icio.us/revgeorge/authentication

If you’re building a web application, more often than not you will need some form of user security. User security can be broken up into two categories, authentication, which verifies the identity of a user, and authorization, which verifies what they are able to do in your application.

In version 3.1, Rails introduced has_secure_password, which adds methods to set and authenticate against a BCrypt password. Although this functionality now exists in the framework, it is only a small part of a robust authentication ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required