Ruby on Rails - Using Devise for Authentication
Introduction
Devise is a flexible and comprehensive authentication solution for Rails based on Warden. It handles user registration, session management, password recovery, and more. This guide will walk you through implementing authentication in your Rails application using Devise.
Key Points:
- Devise provides a full-featured authentication solution for Rails applications.
- It handles user registration, session management, password recovery, and more.
- This guide covers the steps to implement Devise in your Rails application.
Installing Devise
First, add Devise to your Gemfile and install it:
# Add Devise to your Gemfile
gem 'devise'
# Install the gem
bundle install
# Run the Devise generator
rails generate devise:install
The generator sets up the necessary configuration files and instructions for further setup.
Configuring Devise
Follow the instructions provided by the generator to configure Devise. Here are the typical steps:
- Ensure you have a default URL option configured in your config/environments/development.rb file:
# config/environments/development.rb
config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
- Add flash messages for Devise in your application layout:
<%# app/views/layouts/application.html.erb %>
<%= notice %>
<%= alert %>
Generating the User Model
Generate a User model with Devise:
# Generate the User model with Devise
rails generate devise User
# Run the migrations
rails db:migrate
The generator creates a User model configured with the Devise authentication modules, along with a migration for the necessary database columns; rails db:migrate then applies that migration.
Setting Up Routes
Devise provides a set of helper methods to handle routing. Add the following to your config/routes.rb file:
# config/routes.rb
Rails.application.routes.draw do
  devise_for :users
  # Assumes a HomeController with an index action exists
  root to: 'home#index'
end
This sets up routes for user registration, login, logout, and other authentication actions.
Customizing Devise Views
To customize the views provided by Devise, run the following generator:
# Generate Devise views for customization
rails generate devise:views
This copies the Devise views to your application, allowing you to customize them as needed.
Adding Additional Fields to User Model
To add additional fields to the User model, create a migration:
# Generate a migration to add fields
rails generate migration AddFieldsToUsers first_name:string last_name:string
# Run the migration
rails db:migrate
Update the app/controllers/application_controller.rb to permit the additional parameters:
# app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name])
    devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name])
  end
end
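Why both permit calls are needed, shown as an added example that is not Devise's code or part of the original guide: a simplified plain-Ruby model of the per-action allow-list. ToyParameterSanitizer, the sample form and its admin field are constructed for illustration, and the default key lists assume a stock email/password User model.

```ruby
# Simplified stand-in for Devise's parameter sanitizer (added example, not Devise's code).
class ToyParameterSanitizer
  # Keys permitted out of the box, assuming a default email/password User model.
  DEFAULTS = {
    sign_up:        %i[email password password_confirmation],
    account_update: %i[email password password_confirmation current_password]
  }.freeze

  def initialize
    @permitted = DEFAULTS.transform_values(&:dup)
  end

  # Mirrors the call shape of devise_parameter_sanitizer.permit(action, keys: [...]).
  def permit(action, keys:)
    @permitted.fetch(action).concat(keys.map(&:to_sym)).uniq!
    self
  end

  # Returns the allow-listed fields and the names of everything that was dropped.
  def sanitize(action, submitted)
    allowed = @permitted.fetch(action)
    kept, dropped = submitted.partition { |key, _| allowed.include?(key.to_sym) }
    [kept.to_h, dropped.map { |key, _| key.to_s }]
  end
end

# Constructed sign-up form body: two profile fields plus a field the form never offered.
SIGN_UP_FORM = {
  'email' => 'alice@example.com', 'password' => 'correct horse battery',
  'password_confirmation' => 'correct horse battery',
  'first_name' => 'Alice', 'last_name' => 'Ng', 'admin' => 'true'
}.freeze

def demo
  sanitizer = ToyParameterSanitizer.new
  _, before_dropped = sanitizer.sanitize(:sign_up, SIGN_UP_FORM)
  sanitizer.permit(:sign_up, keys: %i[first_name last_name])
  after_kept, after_dropped = sanitizer.sanitize(:sign_up, SIGN_UP_FORM)
  # :account_update keeps its own list, so first_name is still dropped there.
  update_kept, = sanitizer.sanitize(:account_update,
                                    { 'first_name' => 'Al', 'current_password' => 'x' })
  { before: before_dropped, after: after_dropped,
    kept: after_kept.keys, update: update_kept.keys }
end

demo.each { |label, value| puts "#{label}: #{value.inspect}" } if __FILE__ == $PROGRAM_NAME
```

Fields outside the allow-list, such as the constructed admin flag, never reach the model, and a key permitted for :sign_up is not permitted for :account_update until it is listed there as well.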
Setting Up Mailer
Devise uses ActionMailer to send emails for password recovery and other features. Configure the mailer settings in config/environments/development.rb:
# config/environments/development.rb
config.action_mailer.delivery_method = :smtp
# Placeholder values: load the real user name and password from Rails
# credentials or environment variables rather than committing them.
config.action_mailer.smtp_settings = {
  address: 'smtp.example.com',
  port: 587,
  user_name: 'your_email@example.com',
  password: 'your_password',
  authentication: 'plain',
  enable_starttls_auto: true
}
Testing Devise Setup
Start the Rails server and navigate to the registration and login pages to test the Devise setup:
# Start the Rails server
rails server
# Navigate to the following URLs
# http://localhost:3000/users/sign_up
# http://localhost:3000/users/sign_in
Ensure that you can register a new user, log in, log out, and recover passwords.
Conclusion
Devise provides a comprehensive and flexible solution for authentication in Rails applications. This guide covered the steps to install and configure Devise, generate the User model, set up routes, customize views, add additional fields, configure the mailer, and test the setup. By following these steps, you can implement robust authentication in your Rails application using Devise.