Chapter 14. Login and Authentication
“Thanks goodness, there’s only about a billion of these because DHH doesn’t think auth/auth belongs in the core.”
I bet every web app you’ve ever worked on has needed some form of user security, and some people assume it makes sense to include some sort of standard authentication functionality in a “kitchen-sink” framework such as Rails.
However, it turns out that user security is one of those areas of application design that usually involves a bit more business logic than anyone realizes upfront.
David has clearly stated his opinions on the matter, to help us understand why Rails does not include any sort of standard authentication mechanism: ...