This is a basic Rails engine utilizing Authlogic, CanCan and Easy Roles to create a starting point for simple Rails-based applications that need authentication and authorization.

Minimalistic authorization focused on APIs

No magic authorization for Rails

courtesy - Wikipedia: Maker-checker (or Maker and Checker, or 4-Eyes) is one of the central principles of authorization in the information systems of financial organizations.The principle of maker and checker means that for each transaction, there must be at least two individuals necessary for it...

Thin wrapper around Russian Post package tracking SOAP API. Works on a per-package basis (contrary to the bulk ticket-based API). Use it at your own risk, since the API may appear unstable and require authorization in future.

An opinionated almost-turnkey solution for managing authorization in Rails

Escher authorization for rack based http servers with ease in a form of middleware

Rack middleware for using the Authorization header with token authentication

Custom Ability class that allows CanCanCan authorization library store permissions in MongoDB via the Mongoid gem.

A dynamic authorization engine sporting a nice DSL and web administration interface.

This module allows models to define and execute custom actions with various hooks, authorization checks, and lifecycle callbacks. It's designed to standardize how business actions are performed on models.

Provides configurable, extensible authentication and authorization for Nitro.

Easy way to authentication and authorization

Rails engine to provide OAuth2 authorization for embedded iframe applications.

An implementation of OAuth2 Authorization Server

Authorization server 'Rails Engine' for Oauth2 HMac Draft 01.

Rack middlewares for OAuth2 authorization server and resource server

Hybrid authentication and authorization strategy for Google APIs. Combines the process for obtaining an authorized OAuth request token along with an OpenID authentication request.

Use a time-sensitive cryptographic token based on a shared secret phrase to generate an authorization token for passing traffic from one web site to another.

Extends Pundit with roles, allowing attribute and association level authorizations, suits modern APIs well