On ATM - User models / code 5:18 AM, Feb 12th
One of the core areas (well, the main core area - it's the main apart of the application that is shared between all of the applications that make up ATM) is the user management system. Built from the ground up (e.g. not using Restful Authentication itself) it combines lessons learnt from my experience using other systems.
For starters, much of the user model is extracted into external mixins for easy modification / reuse - there is an integrated level-based role system which makes it easy to give access to certain areas of the website and there are separate sub-modules for each section such as Predicates, Callbacks and Class Methods.
To make authentication management easier, We've another library we've written to deal specifically with Password / Salt generation - by default salts are generated to be extremely strong whilst randomly generated passwords are made using the ngrams library to make them easy to memorize.
Lastly, each section is being covered by an extensive system of RSpec as seems proper these days in order to make it easily testable.