Skip to content
Browse files

Publishing post.

  • Loading branch information...
1 parent 551b34c commit 18e972d9e2ee71e7a16f4fb10e757acb11890f9c @waratuman committed Apr 19, 2012
Showing with 14 additions and 2 deletions.
  1. +14 −2 _posts/
16 _posts/
@@ -2,7 +2,6 @@
title: User Authentication with Rails and Backbone.js
author: James R. Bracy
layout: post
-published: false
[Backbone.js]( is a small framework
@@ -969,4 +968,17 @@ To learn more about [Backbone.js](, vi
Peepcode also has some great [screencasts](
They don't use the most recent version of [Backbone.js](, but its still full of
great information. Some folks have even started writing a free eBook. [Check it out]( for a deeper dive
-into [Backbone.js](
+into [Backbone.js](
+A quick note about security. By default [Rails]( uses
+cookies to store session data. The user will be able to see what is stored in
+the cookie. However [Rails]( does [sign](
+the cookie to prevent the user from tampering with it.
+[HTTPS]( should also be used on the login and
+signup pages. The downside of this is that you may run into issues when
+caching parts of the page. Ideally we would just make the [AJAX]( request when
+the users submits the form over [HTTPS]( The `force_ssl` feature in [Rails](
+can be used to force an action to use [HTTPS](

0 comments on commit 18e972d

Please sign in to comment.
Something went wrong with that request. Please try again.