Demystifying Warden
•Descargar como PPTX, PDF•
4 recomendaciones•2,674 vistas
Better position yourself for understanding how devise works
Recomendados
Más contenido relacionado
Similar a Demystifying Warden
Similar a Demystifying Warden (20)
Demystifying Warden
- 2. warden
- 3. wardenequipping yourself to better understand devise
- 4. any love for devise?
- 5. okay, so what is warden?
- 6. a mechanism for authentication in rack based ruby applications
- 7. Warden is upstream of some session middleware Creates an env[‘warden’] proxy Authentication can be shared between several Rack apps
- 8. sweet, why should I learn more about it?
- 9. create custom light-weight authentication middleware share authentication between multiple Rack apps (rails & sinatra) better understand higher level libraries that use it (i.e. devise) and, well…
- 10. Because it’s way awesome!
- 11. Mission Debriefing user strategy failure app scope
- 12. user – any object that can be serialized into the session marking a request authenticated.
- 13. strategy – a place to keep logic for a certain method of authenticating a request
- 15. failure app – a specified rack endpoint after all authentication strategies have failed
- 16. scope – a grouping of warden configuration settings. WARNING! This is very oversimplified
Notas del editor
- I know I’ve met a lot of you, but here is a bit of info about myself
- Today I’d like to talk a bit about Warden.
- So, I am going to talk about warden, but the goal of the talk is to understand just enough about warden so that Devise seems a little less magical.
- Who here has used Devise?Who here has used Warden directly?
- ON NEXT SLIDEWarden definition
- AFTER THIS SLIDELets take a look at how warden fits into the rack application stack
- First off, you are required to use some sort of session middleware upstream of warden. I’ve used Rack::Session for thisNext, warden is a piece of middleware that lazily places a warden proxy object into the rack environmentAll rack applications mounted after warden now have access to this warden object, allowing you to share authentication between any number of rack apps
- That’s all well and good, but you have to ask, why should I learn more?
- Now, before we go on, we need to define some terminology.You’ll have to forgive me for a bit of hand-waving, but hopefully it will become more clear after the demo
- Of course, you’ll need to provide the logic for serializing and deserializing your object into and out of the session. We’ll get to that a bit later
- Strategies typically define two methods: valid? : This normally just checks to see if the correct parameters are coming in, dismissing the request if they are wasting your time authenticate! : This method houses the logic for determining whether or not the parameters passed in pass or fail authenticationStrategies are cascading
- This can be any mounted rack app. For example, a Rails controller or Sinatra application.
- So you can assign which strategies to use for a specific scopeYou can define a default scopeWhen you call authenticate! You can specify which scope you’d like to authenticate against
- I’ve only scrapped the surface of how Warden worksBut, much like sleeping inside of a tauntaun, Warden isn’t so bad after all…I’ll be at rusty bucket afterwards, I’ll do my best to answer any questions you might haveThanks!