Ruby on Rails 4 - What Authentication Gem to Use

Ruby on Rails 4 - What authentication gem to use?

Devise is a full-featured authentication solution which handles all of
the controller logic and form views for you.

1. First, include the Devise gem in your Gemfile:

   gem 'devise' 'version-if-u-want-any specific'

2. To install the newly-added gem, use:

   bundle install

3. To install Devise, run:

   rails g devise:install

   and perform some settings manually, which are shown in the output of the command.

4. (Optional) For customization purposes, we can include the Devise gem's views in our app's views:

   rails g devise:views

5. (Optional) Generate the user model, which will be used by Devise:

   rails g devise user

6. Migrate your database:

   rake db:migrate

7. You can see routes using:

   rake routes

8. For signing up users, visit:

   localhost:3000/users/sign_up

Authentication gem to use for Neo4j and Rails 4?

In your Gemfile, use gem 'devise-neo4j', "~> 2.0.0.alpha.1". It was updated earlier this year to support Neo4jrb v3.

rails 4 user authentication

I've been using Pundit instead of Cancan for the last few projects I've done. It is lightweight, flexible and easy to use. Here's the link: https://github.com/elabs/pundit

In regards to your question, you will create policies for each model. For each action you define a method. It's super simple and explained on the link I've attached. Here as an example you have update in your model (models/post.rb):

def update
  @post = Post.find(params[:id])
  authorize @post
   if @post.update(post_params)
     redirect_to @post
   else
     render :edit
   end
end

Call authorize to define permissions.

In your policies/post.rb:

class PostPolicy < Struct.new(:user, :post)
  def update?
   user.admin? or not post.published?
  end
end

That returns true or false. In your case if you want to check if the user is a owner you can place the following if statement:

 if user.admin? || user.owner_of?(post)

You get the idea. You can also define scopes, etc.

Net/LDAP gem and basic auth in Rails 4 app

Have you looked at the Gem devise_ldap_authenticatable.I guess it better suits your requirement.Instead of using your own authentication system, you could use LDAP(Active directory) as an authentication provider.

If you are building applications for use within your organization
which require authentication and you want to use LDAP, this plugin is
for you.

Devise LDAP Authenticatable works in replacement of Database
Authenticatable. This devise plugin has not been tested with
DatabaseAuthenticatable enabled at the same time. This is meant as a
drop in replacement for DatabaseAuthenticatable allowing for a semi
single sign on approach.

SAML based single sign on is also popularly renowned way of transmitting authentication and authorization information as an XML. Service Provider(You) can leverage Identity Provider(Active directory- perhaps ADFS) for authentication purposes. Ruby-SAML by onelogin is well known gem for SAML implementation.

How to create authentication from scratch in rails 4

Don't do it.

You have no idea of the number of ways that you can accidentally leave yourself open to serious compromise.

You are not as smart as the hundreds of developers that have been working for years on devise (none of us are).

Have a look at the Rails Security Guide for a short list of the ways that people can use your app that you probably never even considered.

If you want to play around and have a go to see how it's done, then sure play... but when you come to actually securing a real app... Just Use Devise.

---

Related Topics