acts_as_conference 2009: OAuth and APIs
Everyone's had the problem of wanting to access and allow access to web services/APIs for extensions and plugins, but this usually means handling login credentials in plain text. Not many users like this, and those that do give their login and password out are compromising their account's security. OAuth is a solution to this. Designed by the people that created OpenID, you can let your users give permission for a 3rd-party application to access their account the same way that services like Flickr do it. Not by using login/password, but by using an encrypted authentication token. Tim will talk about OAuth integration into Rails projects, cover the basics of OAuth for beginners, show how to istall OAuth to protect an existing project, how to protect controller actions with OAuth, and how to accept and use OAuth tokens from other providers.
Tim is the Agile Development Director at Cloudspace, an Orlando-based web apps shop. He's been coding for nearly a decade, but unless you're *really* into Firefox Extensions or Twitter, you've probably never heard of him. When he's not writing code for fun and profit, he spends time with his wonderful girlfriend, and aspires to awesomeness on the drums.
Author: Tim Rosenblatt