Absolutely, that's a valid argument. However, if you need to do some customizations and start monkey patching a gem you may open it up for vulnerabilities as well, right? Plus, it would make your code messy when you have some code in your project and some in the gem.
But sure, it is convient to have everything done and tested for you in gems like Devise. Any other thoughts on this subject? Den tisdagen den 7:e maj 2013 kl. 03:56:33 UTC+2 skrev tamouse: > > On Mon, May 6, 2013 at 12:38 PM, Linus Pettersson > <[email protected] <javascript:>> wrote: > > Hi! > > > > I watched this video the other day: http://vimeo.com/39498553 > > where they argue that it may be a better idea to roll your own > > authentication solution using has_secure_password instead of using, for > > instance, Devise. > > > > I started a new project using Rails 4 today and need authentication. I'm > > thinking about creating my own using has_secure_password for learning > > purposes and also to make it more customizable (not sure what I actually > > need yet). > > > > Anyway, what are your thoughts on this subject? Do you usually use gems > like > > Devise or just use your own solutions? > > Authentication and authorization are often vital functions; rolling my > own would be interesting as an exercise, but I would rather rely on > something that has seen thousands of uses across as many projects and > eyes. Implementing my own, I also have to create all the tests, and > the chance of me forgetting something in that case are great. > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/p9c0G-vFFOIJ. For more options, visit https://groups.google.com/groups/opt_out.
