Archive for the ‘Ruby on Rails’ Category

Simple and Restful Account Recovery for Ruby on Rails

Posted on March 24th, 2008 in Cryptography, Ruby on Rails, Security

The next step in building a simple and restful user authentication system is allowing your users to recover their accounts. Account recovery is necessary because users have a knack for forgetting their passwords. Often, I come across account recovery methods that are crufty or insecure. That does not need to be the case, especially with Ruby on Rails.

In this tutorial, you will use symmetric encryption to make secure forgotten password links that stop functioning after use. You will also use ActionMailer to email the link to the user’s address of record.

Simple and Restful Authentication for Ruby on Rails

Posted on February 23rd, 2008 in Ruby on Rails, Security

Ruby on Rails seems to be driving more and more toward RESTful programming. However, my search for ideas on how to make a truly RESTful authentication system came up pretty dry. I found only systems that were either not as RESTful as I wanted or far more complex than I deemed necessary. As such, I gave some thought to how to make my own.

The result was a very simple, flexible and RESTful system. By seeing how I made it, you will also learn more about RESTful programming, understand how to use it within Rails and experience how it keeps your code base lean and clean.