When in Doubt, Use Devise or OmniAuth
Explore how to implement secure authentication in Rails applications using the Devise and OmniAuth gems. Understand when to choose each solution and how to handle user roles with CanCanCan. Learn best practices for designing authentication and authorization systems and testing them to reduce security risks.
We'll cover the following...
Overview
One of the most common cross-cutting concerns in any app is the need to authenticate users and authorize the actions they may take in an app. Rails does not include any facility for managing this because the way authentication is handled is far less common than, say, the way code accesses a database.
This gap requires that we do some upfront thinking and design for how we want to handle this important part of our app. For authentication, there are two common gems that handle the most common cases, and we’ll talk about which situations are ...