Description
Rodauth is Ruby's most advanced authentication framework, designed to work in any Rack application. The latest release adds WebAuthn support for MFA/passwordless auth, an active_sessions feature allowing global logout, and an audit_logging feature, and is now fully translatable. In this talk, Jeremy will guide you through all the new features! Jeremy is a Ruby committer, OpenBSD Ruby ports maintainer, and lead developer of Sequel, Roda, and Rodauth.
Summary
In the Pivorak Conf 5.0 online edition, Jeremy Evans presents Rodauth 2.0, Ruby's advanced authentication framework suitable for any Rack application. With enhancements like WebAuthn support for multi-factor authentication (MFA), global logout through active sessions, and audit logging capabilities, Rodauth stands out for its security and flexibility.

**Key Points Discussed:**

- **Background of Rodauth:** Created in 2015 due to the diverse authentication needs across multiple applications with various back-end requirements. Jeremy aimed to provide a flexible and secure solution tailored for non-Rails applications.
- **Comparison with Other Frameworks:** Rodauth encompasses features found in popular frameworks like Devise, such as logins, password resets, and account verification, but adds additional security features like password reuse restrictions and support for multi-factor authentication.
- **Security Features:** Rodauth prioritizes security with best practices for password storage, including separate tables and controlled access via database functions, which minimize risk in case of SQL injection vulnerabilities.
- **Simplicity and Configuration:** Unlike other frameworks that require changes across multiple files, Rodauth allows centralized configuration, supporting over a thousand configuration methods for customization, including request-specific behaviors.
- **Integration with Different Frameworks:** Rodauth can be used with various Rack applications, including Sinatra and Rails, aided by a middleware plugin.
- **Concurrent User Support:** The framework allows for unique configurations for different user types (e.g., admins vs. regular users) and supports OAuth integration via an external gem.
- **Recent Developments:** The recent v2.0 release enhances these features while maintaining backward compatibility.

**Conclusions:**

- Rodauth is positioned as a robust and flexible authentication solution for developers looking for granularity in security and ease of use. The consideration of security in design, plus its adaptable configuration, positions Rodauth as a strong candidate for future projects requiring authentication frameworks. Jeremy encourages exploring Rodauth through its demo site and comprehensive documentation to understand its capabilities better.