Authentication & Authorization
The best way to secure login/logout functionality in the digital age is to hand authentication and authorization off to an external provider. That way, you won't have to deal with breaches of login credentials held in your own database and can rely solely on the authentication practices of the provider you choose. Providers can be companies such as GitHub, Gmail, Google, Facebook, and more.
Commonly Used Authentication Gems
- Devise
- OmniAuth
- Authlogic
Commonly Used Authorization Gems
- CanCanCan
- Pundit
Today we will discuss how to implement the OmniAuth Gem. First, what is authentication all about? The four security concepts we need to learn are:
- Identification: Receiving an identity claim directly from the user (email, name).
- Authentication: The process of verifying the identity claim from a user.
- Access Policy: A usage policy created from the features of the resource being accessed and of the user who wants access granted.
- Authorization: Granting the user the proper access privileges.
The OmniAuth Gem helps any Rails app manage the flows for OAuth and OpenID Connect. It asks the provider (GitHub, in this example) for access to the user's information via JSON Web Tokens. Then, OmniAuth exposes a hash through request.env['omniauth.auth'] which has all the info of the logged-in user. This is then simply sent to Active Record to keep inside the database.
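The step from the auth hash to a stored user, as an added example that is not code from the original post or from the OmniAuth project. It assumes a hash with the provider, uid, info and credentials keys of OmniAuth's auth hash; `UserStore`, `user_from_auth`, `InvalidAuthHash` and the sample values are hypothetical, and the in-memory store stands in for an Active Record `User` model so the snippet runs without Rails.

```ruby
# Added example: in-memory stand-in for an Active Record User model.
class UserStore
  def initialize
    @users = {}
  end

  # Look up by [provider, uid]; create the record on first login.
  def find_or_create(provider, uid)
    @users[[provider, uid]] ||= { provider: provider, uid: uid }
  end

  def count
    @users.size
  end
end

class InvalidAuthHash < StandardError; end

# Turn the hash a callback action reads from request.env['omniauth.auth']
# into a stored user. Identity is keyed on provider + uid, which the provider
# controls, not on email or name, which the user can change at the provider.
def user_from_auth(auth, store)
  provider = auth.is_a?(Hash) ? auth['provider'].to_s : ''
  uid      = auth.is_a?(Hash) ? auth['uid'].to_s : ''
  raise InvalidAuthHash, 'missing provider or uid' if provider.empty? || uid.empty?

  user = store.find_or_create(provider, uid)
  # Refresh profile fields on every login; the access token under
  # auth['credentials'] is deliberately not copied into the record
  # (a design choice of this example).
  user[:name]  = auth.dig('info', 'name')
  user[:email] = auth.dig('info', 'email')
  user
end

# Constructed sample shaped like an OmniAuth auth hash (not real data).
SAMPLE_AUTH = {
  'provider' => 'github',
  'uid' => '1234567',
  'info' => { 'name' => 'Ada Example', 'email' => 'ada@example.com' },
  'credentials' => { 'token' => 'constructed-token-value' }
}.freeze

if __FILE__ == $PROGRAM_NAME
  store = UserStore.new
  p user_from_auth(SAMPLE_AUTH, store)
end
```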
Resources:
https://learn.co/lessons/authentication-and-authorization-recap-and-gems