Ruby on Rails
gmrash, 2014-09-11 11:03:52

Ruby on Rails user authorization: write your own or use gems?

Tasks: authorization of users, roles, access rights, two types of authorization for backoffice users and clients.
Should I write authorization from scratch? We tried tinkering with Devise; it turns out to be inflexible without deep study. We are thinking of writing our own, but the question is whether we can solve this problem.


4 answer(s)
_ _, 2014-09-11
@AMar4enko

For authorization: Devise (if you want more flexibility, you can go straight to Warden).
For delimiting permissions: CanCan.
All this has long been proven in practice.

Viktor Vsk, 2014-09-11
@viktorvsk

Authlogic - if you need flexibility.
But I think you just understood what Devise is. It does not solve any of the tasks that you have given; it is engaged in authentication.
CanCan (or now CanCanCan for Rails 4) deals with authorization, but does not deal with roles.
You can do the roles yourself (if everything is simple), for example, as CanCan suggests - https://github.com/ryanb/cancan/wiki/Role-Based- Au...
or use different gems: railscasts.com/episodes/188-declarative-authorizat...
If your so-called backoffice and client are something more than permissions by role, then I don't understand what it is at all, or what Devise has to do with it.
Authentication and authorization is such a popular topic that you definitely won't do anything qualitatively new.

FanKiLL, 2014-09-11
@FanKiLL

And I think that authorization and authentication should be written yourself.
The only thing that I would not write myself is OAuth authentication - for that I would take OmniAuth.
Otherwise, everything else is written quite quickly, and the main thing is that you will fully understand the mechanism of how the most important part of your application works. Although if you know a gem well, say Devise, and understand exactly how it works, and can change everything if something happens - take it.
I don't understand what the problem is with writing this from scratch, especially since, for example, there is a 2-part screencast on railscasts which shows how to do it from scratch. Then it is not so difficult to make a table with roles and a method that checks whether the user has this or that role.
I mean, this is an important part of the application - in fact, this is the future backbone - according to which you will be allowed into the admin panel, allowed or not allowed to edit something, or let into some part of the site.

zion5un, 2014-09-11
@zion5un

devise+pundit work well together too
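
The split the answers describe (authentication handled by Devise or hand-written code, authorization as a separate role check), as an added example that is not part of any answer in this thread: a plain-Ruby, deny-by-default policy object, the pattern Pundit is built around. The `User`, `Order`, `OrderPolicy` and `authorize!` names and the role table are hypothetical.

```ruby
# Added example, plain Ruby (no gems). All names here are hypothetical.
# Authentication (Devise, Warden, or hand-written) answers "who is this?";
# the policy answers "may they do this?" and denies anything not listed.
User  = Struct.new(:id, :kind, :roles)   # kind is :backoffice or :client
Order = Struct.new(:id, :client_id)

class NotAuthorized < StandardError; end

class OrderPolicy
  # Backoffice permissions per role; a role or action not listed is denied.
  BACKOFFICE_RULES = {
    admin:   %i[show update destroy],
    support: %i[show update]
  }.freeze

  def initialize(user, order)
    @user = user
    @order = order
  end

  def allowed?(action)
    return false if @user.nil?            # not authenticated: deny
    case @user.kind
    when :backoffice then backoffice_allowed?(action)
    when :client     then client_allowed?(action)
    else false                            # unknown principal type: deny
    end
  end

  private

  def backoffice_allowed?(action)
    @user.roles.any? { |role| BACKOFFICE_RULES.fetch(role, []).include?(action) }
  end

  # Clients never go through the role table: they may only view their own
  # orders, even if a backoffice role name ends up in their roles list.
  def client_allowed?(action)
    action == :show && @order.client_id == @user.id
  end
end

# Call at the top of a controller action, after authentication has run.
def authorize!(user, order, action)
  raise NotAuthorized, "#{action} denied" unless OrderPolicy.new(user, order).allowed?(action)
  order
end
```

Keeping the two principal types on separate code paths means a role string that leaks onto a client record cannot grant backoffice rights.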
