| session-replay-demo | active_entry |
|---|---|
| 1 | 5 |
| 4 | 14 |
| - | - |
| 3.8 | 0.0 |
| over 3 years ago | over 2 years ago |
| Ruby | Ruby |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
session-replay-demo
- Avoiding session replay attacks in Rails
So to get started, we need a demo app with a basic authentication system. I've created one that's available on GitHub. It just has sign up, login and logout mechanisms and should be easy to understand for anyone familiar with Rails. The code examples above were extracted from this demo app.
active_entry
- Access control gem for your Rails application (the 2nd)
Add the gem to your Gemfile and bundle install. 1.1. (Optional but recommended) Add verify_authentication! and verify_authorization! to your ApplicationController to never forget to perform it in your controllers.
- Release V2 - Active Entry Access Control | Now with policies
- Release V2 – Active Entry Rails Access Control – Now with Policies
- GitHub: Active Entry | Authentication and Authorization for your Rails App
- GitHub: Active Entry – Authentication and Authorization for Your Rails App
What are some alternatives?
Devise Token Auth - Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth.
Rack::Attack - Rack middleware for blocking & throttling
devise - Flexible authentication solution for Rails with Warden. [Moved to: https://github.com/heartcombo/devise]
Metasploit - Metasploit Framework
rabid - :cookie: A CLI tool and library allowing to simply decode all kind of BigIP cookies.
Brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
devise-jwt - JWT token authentication with devise and rails
Rack::ContentSecurityPolicy
Hashids - A small Ruby gem to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.
Gitrob - Reconnaissance tool for GitHub organizations
Rack::UTF8Sanitizer - Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters in request URI and headers.
SiRP - Secure (interoperable) Remote Password Auth (SRP-6a)