(which has a devise plugin for it as well).
Discussion on rubygems-org slack which is considering macaroons for *.
rubygems.org auth:
> > so any satellite apps do'nt need to write their own auth/identity management
> there’s a better alternative but it’s… a bit half-baked :neutral_face:"
> I need to write a blog post about it
> that’d be Macaroons
> also I feel like a terrible punster every time I say Macaroons are half-baked
> this video explains how they can be used in federated identity/authz contexts:
> Honestly either macaroons (or oauth) looks like something that is approachable for beginners to integrate
I'd probably avoid cookies, except maybe session cookies, (make sure they're secure/signed and http-only) and use tokens.