Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Released v0.10.0

  • Loading branch information...
commit 9f0ec4fac5136d5ada4a943c38f258f1a16ddaf6 1 parent b49258f
@binarylogic binarylogic authored
View
8 README.rdoc
@@ -238,15 +238,15 @@ From there it is pretty simple. When you try to create a new session the record
You probably don't care, but I think releasing the millionth authentication solution for a framework that has been around for over 4 years requires a little explanation.
-I don't necessarily think the current solutions suck, nor am I saying Authgasm is the answer to our prayers. But the current solutions were pretty disappointing. Especially when the rails community is full of brilliant programmers, and the best we could come up with was the "restful-authentication" plugin. This was just sad, and frankly kind of irritated me. Here's why...
+I don't necessarily think the current solutions are "wrong", nor am I saying Authgasm is the answer to our prayers. But the current solutions were pretty disappointing. Especially when the rails community is full of brilliant programmers, and the best we could come up with was the "restful-authentication" plugin. This was just sad, and frankly kind of irritated me. Here's why...
-=== Generators are not the right solution
+=== Generators are not the answer
Generators have their place, and it certainly is not to add authentication to a rails app. It doesn't make sense. Generators are meant to be a starting point for repetitive tasks that have no sustainable pattern. Take controllers, the set up is the same thing over and over, but they eventually evolve to a point where there is no clear cut pattern. Trying to extract a pattern out into a library would be extremely hard, messy, and overly complicated. As a result, generators make sense here.
-Authentication is a one time set up process for your app. It's the same thing over and over and the pattern never really changes. The only time it changes is to conform with newer / stricter security techniques. This is exactly why generators suck as an authentication solution. Generators litter your application with code that you get to maintain. You get to make sure it stays up with the latest and greatest security techniques. How fun! Oh, and when the plugin you used releases some major update, you can't just re-run the generator, you get to sift through the code to see what changed! Awesome! The cherry on top is the fact that you get to go through every app you've made and apply this update. When ActiveRecord releases an update do you go through it line by line and manually apply it in each one of your apps? No.
+Authentication is a one time set up process for your app. It's the same thing over and over and the pattern never really changes. The only time it changes is to conform with newer / stricter security techniques. This is exactly why generators should not be an authentication solution. Generators litter your application with code that you get to maintain. You get to make sure it stays up with the latest and greatest security techniques. How fun! Oh, and when the plugin you used releases some major update, you can't just re-run the generator, you get to sift through the code to see what changed! Awesome! The cherry on top is the fact that you get to go through every app you've made and apply this update. You don't really have a choice either, because you can't ignore security updates. When ActiveRecord releases an update do you go through it line by line and manually apply it in each one of your apps? No.
-Security moves fast, and hackers make sure of this. If there is a security update or improvement it should not be ignored. As a result, it should be easy to update. Doesn't it make sense to leverage a library to handle this functionality for you? This way, when some new security technique is released, or a bug with your authentication system is found, you can fix it with a simple update. Just like everything else in ruby / rails.
+Security moves fast, and hackers make sure of this. As a result, it should be easy to update. Doesn't it make sense to leverage a library to handle this functionality for you? This way, when some new security technique is released, or a bug with your authentication system is found, you can fix it with a simple update. Just like everything else in ruby / rails.
=== Limited to a single authentication
View
2  lib/authgasm/version.rb
@@ -44,7 +44,7 @@ def to_a
MAJOR = 0
MINOR = 10
- TINY = 0
+ TINY = 1
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
View
BIN  test_app/db/test.sqlite3
Binary file not shown
Please sign in to comment.
Something went wrong with that request. Please try again.