Revise Auth and Podcasting Plans
The host of Remote Ruby, Chris, reflects on a recent workshop in Minneapolis where he taught a Rails course for Front-End Masters, now expanding beyond front-end topics. He shares the technical challenges of live-streamed teaching, including screen real estate limitations and the difficulty of keeping in-person attendees synced. A major focus emerges around authentication systems: he details a seamless migration strategy from AuthLogic to Devise using a custom password validation method that preserves user passwords during transition. This leads into a deep dive on his open-source gem, Revise Auth, which aims to modernize Rails' built-in authentication generator by adding Devise-like features—registration, email confirmation, two-factor auth, OAuth—while avoiding Devise's complexity and Warden middleware. He argues for a 'secure by default' approach and discusses the trade-offs of backward compatibility, customization, and technical debt. The episode concludes with a major announcement: Chris is reviving the long-dormant Ruby on Rails podcast, taking over from Elise Schaefer, with a new cadence of two episodes per month and plans to feature conference organizers like Travis Doctor and Jeremy Smith, aiming to capture the community spirit of Ruby events. He also humorously explores a mystery around a missing episode number 259, turning it into a Patreon joke.
Migrate from AuthLogic to Devise seamlessly by overriding the valid password method to check both old and new password hashes during login.
Use Rails' built-in authentication generator as a secure-by-default foundation and extend it with a gem like Revise Auth for missing features.
Implement a custom password algorithm in Rails using the new has_secure_password hook to support legacy migrations and modern security.
Revise Auth should avoid Warden and instead use Rails' session model to enable true logout and better controller flow.
Build a clean, modular authentication system that defaults to one user model and avoids the complexity of multiple login scopes.
…and 3 more takeaways available in PodZeus
Tired but Productive: A Workshop in Minneapolis
Chris shares his exhaustion after a recent workshop in Minneapolis, reflecting on the physical and mental toll of teaching live, especially with limited screen real estate and the challenge of keeping in-person attendees engaged.
The Challenge of Live-Streamed Teaching
Chris details the technical and pedagogical difficulties of live-streaming a workshop, including poor visibility on a single screen, the need for large fonts, and the frustration of not being able to see the full code context.
AuthLogic to Devise Migration: A Seamless Transition
“So it makes it a seamless transition because you're checking, hey, if they're already on devised, let's just use the bcrypt thing and be done with it. But if they're not, then we can go follow the old logic, use the old password hash, and then upgrade it when the user logs in successfully with that.”
The Birth of Revise Auth: Bridging the Rails Gap
“I always gravitate to let's have one user model, sort of the same way that Rails sets up authentication is like you actually don't log in as the user. You log in with a session and you happen to use the user's password to authenticate.”
The Complexity of Customization and Backward Compatibility
Chris weighs the pros and cons of adding features like OAuth, two-factor auth, and customizable fields, acknowledging the technical debt and maintenance burden of supporting every possible configuration.
“So it makes it a seamless transition because you're checking, hey, if they're already on devised, let's just use the bcrypt thing and be done with it. But if they're not, then we can go follow the old logic, use the old password hash, and then upgrade it when the user logs in successfully with that.”
“And so I always gravitate to let's have one user model, sort of the same way that Rails sets up. authentication is like you actually don't log in as the user. You log in with a session and you happen to use the user's password to authenticate.”
“So yeah, I'm really looking forward to having the Ruby on Rails podcast back even though I'm going to be the one running it now. That'll be weird.”
Host
Guests
Devise
product
Revise Auth
product
Ruby on Rails Podcast
media
Elise Schaefer
person
AuthLogic
product
Front-End Masters
organization
Minibar
organization
Travis Doctor
person
RailsConf
other
Sessionizer
product
Asmongold definitely isn’t gay - H3 After Dark #64
2h 50m • 5/30/2026
Bringing Out The Best In Each Other
25m • 5/31/2026
World Kabbalah Convention "Gathering in Tens". Lesson Part 6 [2026-05-31]
2h 2m • 5/31/2026
Summary of Convention [2026-06-01] #lesson
54m • 6/1/2026
MB526: The Real Money Is Made After the Deal: What Most Investors Miss About Asset Management - With Cyndee Harding
42m • 6/1/2026
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime

