Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/square/rails-auth

Modular resource-based authentication and authorization for Rails/Rack
https://github.com/square/rails-auth

Last synced: 3 months ago
JSON representation

Modular resource-based authentication and authorization for Rails/Rack

Host: GitHub
URL: https://github.com/square/rails-auth
Owner: square
License: apache-2.0
Created: 2016-01-22T18:31:44.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2023-01-16T22:43:27.000Z (almost 2 years ago)
Last Synced: 2024-04-13T17:52:13.181Z (7 months ago)
Language: Ruby
Homepage:
Size: 220 KB
Stars: 288
Watchers: 21
Forks: 26
Open Issues: 5
Metadata Files:
- Readme: README.md
- Changelog: CHANGES.md
- Contributing: CONTRIBUTING.md
- License: LICENSE

Awesome Lists containing this project

README

        Rails::Auth

===========

[![Gem Version](https://badge.fury.io/rb/rails-auth.svg)](http://rubygems.org/gems/rails-auth)

[![Build Status](https://travis-ci.org/square/rails-auth.svg?branch=master)](https://travis-ci.org/square/rails-auth)

[![Code Climate](https://codeclimate.com/github/square/rails-auth/badges/gpa.svg)](https://codeclimate.com/github/square/rails-auth)

[![Coverage Status](https://coveralls.io/repos/github/square/rails-auth/badge.svg?branch=master)](https://coveralls.io/github/square/rails-auth?branch=master)

[![Apache 2 licensed](https://img.shields.io/badge/license-Apache2-blue.svg)](https://github.com/square/rails-auth/blob/master/LICENSE)

Modular resource-based authentication and authorization for Rails/Rack designed

to support [microservice] authentication and [claims-based identity].

[microservice]: http://martinfowler.com/articles/microservices.html

[claims-based identity]: https://en.wikipedia.org/wiki/Claims-based_identity

## Description

Rails::Auth is a flexible library designed for both authentication (AuthN) and authorization (AuthZ) using Rack Middleware.

It [splits AuthN and AuthZ steps into separate middleware classes][design overview], using AuthN middleware to first verify

credentials (such as X.509 certificates or cookies), then authorizing the request via separate AuthZ middleware that

consumes these credentials, e.g. [access control lists][acls] (ACLs).

Rails::Auth can be used to authenticate and authorize end users using browser cookies, service-to-service requests using

[X.509 client certificates][x509], or any other clients with credentials that have proper authenticating middleware.

Despite what the name may lead you to believe, Rails::Auth also [works well with other Rack-based frameworks][rack]

like Sinatra.

[design overview]: https://github.com/square/rails-auth/wiki/Design-Overview

[acls]: https://github.com/square/rails-auth/wiki/Access-Control-Lists

[x509]: https://github.com/square/rails-auth/wiki/X.509

[rack]: https://github.com/square/rails-auth/wiki/Rack-Usage

## Installation

Add this line to your application's Gemfile:

```ruby

gem 'rails-auth'

```

And then execute:

    $ bundle

Or install it yourself as:

    $ gem install rails-auth

## Comparison to other Rails/Rack auth libraries/frameworks

For a comparison of Rails::Auth to other Rails auth libraries, including

complimentary libraries and those that Rails::Auth overlaps/competes with,

please see this page on the Wiki:

[Comparison With Other Libraries](https://github.com/square/rails-auth/wiki/Comparison-With-Other-Libraries)

## Documentation

Documentation can be found on the Wiki at: https://github.com/square/rails-auth/wiki

YARD documentation is also available: http://www.rubydoc.info/github/square/rails-auth/master

Please see the following page for how to add Rails::Auth to a Rails app:

[Rails Usage](https://github.com/square/rails-auth/wiki/Rails-Usage)

## Contributing

Any contributors to the master *rails-auth* repository must sign the

[Individual Contributor License Agreement (CLA)]. It's a short form that covers

our bases and makes sure you're eligible to contribute.

When you have a change you'd like to see in the master repository, send a

[pull request]. Before we merge your request, we'll make sure you're in the list

of people who have signed a CLA.

[Individual Contributor License Agreement (CLA)]: https://spreadsheets.google.com/spreadsheet/viewform?formkey=dDViT2xzUHAwRkI3X3k5Z0lQM091OGc6MQ&ndplr=1

[pull request]: https://github.com/square/rails-auth/pulls

## License

Copyright (c) 2016 Square Inc. Distributed under the Apache 2.0 License.

See LICENSE file for further details.