User account design and security...

Posted by espinet on Stack Overflow See other posts from Stack Overflow or by espinet
Published on 2010-05-29T18:36:33Z Indexed on 2010/05/29 18:42 UTC
Read the original article Hit count: 360

Before I begin, I am using Ruby on Rails and the Devise gem for user authentication.

Hi, I was doing some research about account security and I found a blog post about the topic awhile ago but I can no longer find it again. I read something about when making a login system you should have 1 model for User, this contains a user's username, encrypted password, and email. You should also have a model for a user's Account. This contains everything else. A User has an Account.

I don't know if I'm explaining this correctly since I haven't seen the blog post for several months and I lost my bookmark.

Could someone explain how and why I should or shouldn't do this. My application deals with money so I need to cover my bases with security.

Thanks.

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about security