Another week in Our Time for Tech has gone by.
I was assigned the app authentication, and in order to do that I had to investigate and install the Ruby Gem called Devise.
One thing I learnt in my previous developer experience was not to reinvent the wheel. When working with a framework as a newbie, I always tried to do things by myself (even the authentication process).
But usually frameworks have that part covered with tools that have already been tested by a lot of developers and are secure and stable, saving you from hours and hours of work.
So, what is Devise and what is it for?
Devise is an authentication solution for Rails based on Warden. It handles authentication with bcrypt, eliminating the need to hash and salt passwords manually.
It allows your user to be able to do basic things like sign up, log in and log out and it is composed of 10 modules, of which you can choose to use only the ones you need. These modules are:
- Database Authenticatable — Hashes and stores the password in the database. Authentication is done by a POST request. Necessary to save the user/hashed password in the DB.
- Omniauthable — Adds support for Omniauth providers, allowing log in through third-party providers like Facebook, Twitter, etc.
- Confirmable — Disables access to the user account unless a user has confirmed their account through email.
- Recoverable — Adds a ‘Forgot my Password’ link that allows the user to reset their password using email.
- Registerable — Creates a registration process; users can now edit and delete their account.
- Rememberable — Creates a token and stores a user session with a saved cookie (adds REMEMBER ME checkbox)
- Trackable — Tracks user IP addresses, sign in count, last sign in, and timestamps
- Timeoutable — Logs a user out after a certain amount of time.
- Validatable — Uses built-in Devise validations for email address and password (length, characters, etc).
- Lockable — Locks an account after a specific amount of time or specific amount of log in attempts.
Setting up Devise in your Web App
These are the steps I followed (there are plenty of tutorials around):
- Open up your Gemfile and add this line: `gem 'devise'`
- Run `bundle install` to install the gem
- Restart your rails server
- Run `rails g devise:install`
- Open up `config/environments/development.rb` and add:
  ```ruby
  config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
  ```
  before the `end` keyword.
- Open up `app/views/layouts/application.html.erb` and add:
  ```erb
  <% if notice %>
    <p class="alert alert-success"><%= notice %></p>
  <% end %>
  <% if alert %>
    <p class="alert alert-danger"><%= alert %></p>
  <% end %>
  ```
  right above `<%= yield %>`
- Set up the User model: `rails g devise User` (or the name you want to give, Admin...), then `rails db:migrate`
Once that is done you can go and create your first user at http://localhost:3000/users/sign_up and log in at http://localhost:3000/users/sign_in
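Once the model exists, it is worth checking which of the ten modules it actually enables, since the access-restricting ones are opt-in. The script below is an added example, not code from the original post or from Devise; the sample model is constructed (modelled on what the generator typically writes), and the `HARDENING` grouping and function names are this example's own.

```ruby
# Added example: report which Devise modules a model enables (plain Ruby, no Rails).
ALL_MODULES = %i[
  database_authenticatable omniauthable confirmable recoverable registerable
  rememberable trackable timeoutable validatable lockable
].freeze

# This example's own grouping: modules that restrict access rather than add features.
HARDENING = %i[confirmable lockable timeoutable].freeze

# Constructed sample, modelled on the model file the generator typically writes.
SAMPLE_MODEL = <<~'RUBY'
  class User < ApplicationRecord
    # Include default devise modules. Others available are:
    # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
    devise :database_authenticatable, :registerable,
           :recoverable, :rememberable, :validatable
  end
RUBY

# Returns the module symbols passed to the `devise` macro in the model source.
def enabled_devise_modules(source)
  # Strip comments first so modules that are only mentioned are not counted.
  lines = source.lines.map { |l| l.sub(/#.*/, "").strip }
  start = lines.index { |l| l.match?(/\Adevise\s+:/) }
  return [] unless start

  call = +""
  lines[start..].each do |l|
    call << l << " "
    break unless l.end_with?(",") # the call continues while a line ends in a comma
  end
  # Keep known module names only; option values such as provider names are dropped.
  call.scan(/(?<![\w:]):([a-z_]+)/).flatten.map(&:to_sym) & ALL_MODULES
end

def audit(source)
  enabled = enabled_devise_modules(source)
  { enabled: enabled, disabled: ALL_MODULES - enabled, hardening_off: HARDENING - enabled }
end

if __FILE__ == $PROGRAM_NAME
  report = audit(SAMPLE_MODEL)
  puts "enabled:  #{report[:enabled].join(', ')}"
  puts "disabled: #{report[:disabled].join(', ')}"
  warn "not enabled: #{report[:hardening_off].join(', ')}" unless report[:hardening_off].empty?
end
```

Pointing `audit` at `File.read("app/models/user.rb")` gives the same report for a real model; enabling a module such as Lockable or Confirmable also needs its columns in the migration.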
Image by Gerd Altmann from Pixabay
Top comments (4)
Good post Sara!! 👌
When you don't set the model name, does Devise set User?
I say it because I use:
$ rails g devise User
You tell me 😊
Thanks!
You have to specify the name of the model (User, Admin...). Good catch! I will edit it now. Thank you!
You're welcome!!
If I don't write a post it's because I know I would make a thousand and one mistakes hahaha
I want more RoR posts! :P
Kind regards friend Sara ;)
There is nothing wrong with making mistakes, we are humans! 😉 Besides, they are the best way to learn 🙂