View: 
Types
- Free Episodes
- Pro Episodes
- Revised Episodes
Categories
- Active Record
- Active Resource
- Active Support
- Administration
- Ajax
- APIs
- Authentication
- Authorization
- Background Jobs
- Caching
- Code Walkthrough
- Controllers
- Debugging
- Deployment
- eCommerce
- Forms
- Mailing
- Models
- Performance
- Plugins
- Production
- Rack
- Rails 2.0
- Rails 2.1
- Rails 2.2
- Rails 2.3
- Rails 3.0
- Rails 3.1
- Rails 3.2
- Rails 4.0
- Refactoring
- Routing
- Search
- Security
- Testing
- Tools
- Views
Dangers of Session Hijacking
If a user's authentication cookie is sent over an insecure connection it is vulnerable to session hijacking, or more specifically, sidejacking. Learn how this is done, and how you can prevent it.
(6 minutes)
Facebook Authentication
This will show how to create a new facebook application and configure it. Then add some authentication with the omniauth-facebook gem and top it off with a client-side authentication using the JavaScript SDK.
(12 minutes)
Session Based Model
If you have a lot of logic associated with the data inside a session, you'll need some central location to put this logic. See how to create a session based model in this episode.
(13 minutes)
Guest User Record
Instead of presenting a sign up form to the user, consider creating a temporary guest record so the user can try out the application without filling in their information up front. They can then become a permanent member afterwards.
(9 minutes)
Remember Me & Reset Password
It is easy to create authentication from scratch, but how do we extend it with more features? Here I add a "remember me" check box and a "forgotten password" link.
(12 minutes)
Wizard Forms with Wicked
Creating a wizard form can be tricky in Rails. Learn how Wicked can help by turning a controller into a series of multiple steps.
(11 minutes)
Cookie Based Session Store
In Rails 1.2 the default session store is file based. This is inefficient and difficult to maintain. In Rails 2.0 the default is now cookie based which has several benefits as you will see in this episode.
(4 minutes)
Authentication in Rails 3.1
Here I show off three new features in Rails 3.1 that will help with authentication: easier HTTP Basic, SecurePassword in the database, and forcing SSL.
(7 minutes)
Authentication with Sorcery
Sorcery is a full-featured, modular solution to authentication which leaves the controller and view layers up to you.
(10 minutes)
Authentication from Scratch
Password authentication is not too complicated to make from scratch, it will also help to get a better understanding of how it works.
(15 minutes)