Low commit activity in last 3 years
There's a lot of open issues
No release in over a year
A plugin-based framework for supporting multiple authentication and authorization systems in Rails/Rack apps. Supports resource-oriented route-by-route access control lists with TLS authentication.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
 Dependencies

Development

>= 1.10, < 3
~> 10.0

Runtime

>= 0
 Project Readme

Rails::Auth

Gem Version Build Status Code Climate Coverage Status Apache 2 licensed

Modular resource-based authentication and authorization for Rails/Rack designed to support microservice authentication and claims-based identity.

Description

Rails::Auth is a flexible library designed for both authentication (AuthN) and authorization (AuthZ) using Rack Middleware. It splits AuthN and AuthZ steps into separate middleware classes, using AuthN middleware to first verify credentials (such as X.509 certificates or cookies), then authorizing the request via separate AuthZ middleware that consumes these credentials, e.g. access control lists (ACLs).

Rails::Auth can be used to authenticate and authorize end users using browser cookies, service-to-service requests using X.509 client certificates, or any other clients with credentials that have proper authenticating middleware.

Despite what the name may lead you to believe, Rails::Auth also works well with other Rack-based frameworks like Sinatra.

Installation

Add this line to your application's Gemfile:

gem 'rails-auth'

And then execute:

$ bundle

Or install it yourself as:

$ gem install rails-auth

Comparison to other Rails/Rack auth libraries/frameworks

For a comparison of Rails::Auth to other Rails auth libraries, including complimentary libraries and those that Rails::Auth overlaps/competes with, please see this page on the Wiki:

Comparison With Other Libraries

Documentation

Documentation can be found on the Wiki at: https://github.com/square/rails-auth/wiki

YARD documentation is also available: http://www.rubydoc.info/github/square/rails-auth/master

Please see the following page for how to add Rails::Auth to a Rails app:

Rails Usage

Contributing

Any contributors to the master rails-auth repository must sign the Individual Contributor License Agreement (CLA). It's a short form that covers our bases and makes sure you're eligible to contribute.

When you have a change you'd like to see in the master repository, send a pull request. Before we merge your request, we'll make sure you're in the list of people who have signed a CLA.

License

Copyright (c) 2016 Square Inc. Distributed under the Apache 2.0 License. See LICENSE file for further details.