Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
rodauth device and you
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Anton Davydov
October 22, 2016
Programming
260
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
rodauth device and you
Anton Davydov
October 22, 2016
More Decks by Anton Davydov
See All by Anton Davydov
How to make a technical decision
davydovanton
0
150
МГТУ
davydovanton
0
120
Events. Events. Events! - krk.rb
davydovanton
0
160
Events. Events. Events!
davydovanton
0
850
Event Sourcing RubySPBConf 2k18
davydovanton
1
220
Architecture of hanami applications
davydovanton
1
7.8k
Hanami Architecture
davydovanton
2
330
viewing ruby blossom kaigi2017
davydovanton
0
760
viewing ruby blossom rdrc2017
davydovanton
2
240
Other Decks in Programming
See All in Programming
The Bowling Game- From Imperative to Functional Programming - Part 1
philipschwarz
PRO
0
310
アルゴリズムは何を圧縮しているのか ─ Haskell から育った「圧縮代数」というメンタルモデル
naoya
16
3.3k
act2-costs.pdf
sumedhbala
0
110
Observability in Practice:Grafana 與 Edge Device SRE 的那些事
blueswen
0
190
Generative UI & AI-Assistants for Your Angular Solutions
manfredsteyer
PRO
1
160
フィードバックで育てるAI開発
kotaminato
1
110
PHPだって関数型したい 〜できること、できないこと〜 / fp-in-php
jsoizo
0
190
Snowflake Summitでの新機能 CoCo / CoWork / snowflake-summit-2026-overall-what-new-coco
tatsuhiro
1
220
吝嗇家のためのAI活用 / AI development for miser - ChatGPT + Issue Driven Development
tooppoo
0
180
信頼性について考えてみる(SRE NEXT 2026 miniLT)
hayama17
0
160
はてなアカウント基盤 State of the Union
cockscomb
1
1.3k
AI 輔助遺留系統現代化的經驗分享
jame2408
1
1.2k
Featured
See All Featured
A Modern Web Designer's Workflow
chriscoyier
698
190k
Darren the Foodie - Storyboard
khoart
PRO
3
3.4k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
630
Designing Powerful Visuals for Engaging Learning
tmiket
1
450
HDC tutorial
michielstock
2
740
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
190
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
23k
Discover your Explorer Soul
emna__ayadi
2
1.2k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
38
2.9k
My Coaching Mixtape
mlcsv
0
170
Building a Modern Day E-commerce SEO Strategy
aleyda
45
9.1k
Transcript
None
Anton Davydov github.com/davydovanton twitter.com/anton_davydov davydovanton.com
OpenSource
None
None
None
None
authentication
typical authentication
• user authentication • working with current user • security
• different auth ways (OTP, OmniAuth, 2FA) • simple way to use it with other frameworks
but in a real life we have some
• wasting time for typical functionality • complicated logic •
magic in models/controllers • it’s hard to add new feature
and actually we can use…
devise
devise ❤ • popular • based on Rails engines •
use only what you really need • add-ons • fast for production
devise • only rails • problem with custom logic •
creates unnecessary raws in table • hulk • can be difficult to integrate
warden
sorcery
custom solution
custom solution ❤ • absolutely custom • works only for
special cases • works good when other solutions sucks
• DRY in each application • spend much time for
simple cases • you can write • you need to write all popular solutions custom solution
what problems we have • no simplicity • no flexibility
• magic • only for rails
rodauth github.com/jeremyevans/rodauth
rodauth ❤ • fast • simple • easy to integrate
with other frameworks • many features from the box • use only what you need
rodauth • little-known solution • new technology (from Jun 7,
2015) • another routing framework
Jeremy Evans github.com/jeremyevans
roda github.com/jeremyevans/roda
roda: general ideas • simplicity • reliability • extensibility •
performance
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
# config.ru require "roda" class App < Roda route do
|r| r.root do r.redirect "/hello" end # GET /hello request r.get "hello" do "Hello world!" end end end run App.freeze.app
rodauth: general ideas
security
simplicity
flexibility
all features
login logout change password change login reset password create account
close account verify account confirm account remember lockout OTP recovery codes SMS codes verify change login verify account grace period password grace period password complexity disallow password reuse password expiration account expiration session expiration single session JWT (JSON API)
architecture
it’s just a plugin for roda
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
# cat config.ru require "roda" class RodauthApp < Roda plugin
:rodauth do enable :login, :logout, :change_password end route do |r| r.rodauth rodauth.require_authentication end end run RodauthApp
how we can use rodauth with other apps
general idea for integration
use middleware
Rack Rodauth Your app
Rack Rodauth Your app
Rack Rodauth Your app
Rack environment session Rodauth Your app
github.com/jeremyevans/rodauth-demo-rails
https://git.io/vPDao
github.com/davydovanton/rodauth_hanami
github.com/davydovanton/grape-rodauth JSON auth only
but we live in real world and we won’t use
this
how we can use these ideas in our apps
devise
None
None
use separate Account model instead of User/Admin
put all logic to separate application like admin app
don’t put all your logic to Model
bonus
None
• roda.jeremyevans.net • rodauth.jeremyevans.net • groups.google.com/forum/#!forum/ruby-roda • irc://chat.freenode.net/#roda • trailblazer
and devise: goo.gl/cdANIA
conclusions
None
github.com/davydovanton twitter.com/anton_davydov davydovanton.com Thank you