logo Boston Ruby Group

January 14, 2014


by Bob Breznak

Devise is pretty widly used, but have you ever needed more out of it? With the recent release of 3.1.0, Token Authenticatable has been dropped; how can you replace it securely? This talk will quickly go over the basics of Devise, dive into its core use of Warden and we'll write a few new custom strategies. Developers walking into the talk without any previous exposure to Devise will get a quick intro, casual users will get a better understanding of how its innards work, and the seasoned will get to see how one group addressed api authentication token generation while avoiding the timing security issues that had previously existed.