How to authenticate anonymous users in Rails

Let’s say you’re building an app that is oriented around user identity — the ability for users to interact with the site and with each other as themselves. The typical approach (e.g. the one Facebook uses), is to ask the user to create an account before logging in and being able to do anything meaningful.

Requiring users to enter their email address and risk another data breach on a…