demystifying warden

warden

wardenequipping yourself to better

understand devise

any love for devise?

okay, so what is warden?

a mechanism for authentication in rack based ruby applications

Warden is upstream of some session middleware

Creates an env[‘warden’] proxy

Authentication can be shared between several Rack apps

sweet, why should I learn more about it?

• create custom light-weight authentication middleware

• share authentication between multiple Rack apps (rails & sinatra)

• better understand higher level libraries that use it (i.e. devise)

• and, well…

Because it’s way awesome!

Mission Debriefing

• user• strategy• failure app• scope

user – any object that can be serialized into the session marking a request authenticated.

strategy – a place to keep logic for a certain method of authenticating a request

failure app – a specified rack endpoint after all authentication strategies have failed

scope – a grouping of warden configuration settings.

WARNING! This is very oversimplified

env[‘warden’].user(:api)env[‘warden’].authenticated?(:admin)

Demo!

*crosses fingers*

Surprisingly nice…