Devise – a fully featured authentication mechanism for Rails Applications

While developing a Ruby on Rails web application, programmers often spend a significant amount of time building the authentication modules from scratch: the sign-up process, login and logout, forgot password, password reset and many similar functions.

What is the solution?
There are many gems and plugins that provide some of these functions and can reduce our work. Although they help us write less code, maintaining multiple gems is cumbersome, and this is where Devise comes into the picture.

What is Devise?
Devise is a full-featured authentication mechanism for Rails applications. It's easy and quick to integrate, widely used and properly tested. Its defaults are pretty good. The modules it supports are as follows:

1. Database Authenticatable: Encrypts and stores a password in the database to validate the authenticity of a user while signing in.
2. Token Authenticatable: Signs in a user based on an authentication token.
3. Omniauthable: Adds Omniauth support.
4. Confirmable: Sends emails with confirmation instructions.
5. Recoverable: Resets the user password and sends reset instructions.
6. Registerable: Handles signing up users through a registration process, also allowing them to edit and destroy their account.
7. Rememberable: Manages generating and clearing a token for remembering the user from a saved cookie.
8. Trackable: Tracks sign in count, timestamps and IP address.
9. Timeoutable: Expires sessions that have no activity in a specified period of time.
10. Validatable: Provides validations of email and password. It's optional and can be customized.
11. Lockable: Locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
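
Each module is switched on by naming it, in snake_case, in the `devise` call of the model generated in step 6 below. The following is an added example, not code from Devise or from the original post: it reads a model's source text, lists the modules it enables and reports which sign-in hardening modules from the list above are off. The sample model text, the `HARDENING` grouping and the helper names `enabled_modules` and `audit` are assumptions made for this example.

```ruby
# Added example: list the Devise modules a model enables and flag the
# hardening-related ones that are switched off.
ALL_MODULES = %i[
  database_authenticatable token_authenticatable omniauthable confirmable
  recoverable registerable rememberable trackable timeoutable validatable
  lockable
].freeze

# Grouping chosen for this example (an assumption, not a Devise setting).
HARDENING = %i[confirmable lockable timeoutable validatable].freeze

# Constructed sample of a generated model file.
SAMPLE_MODEL = <<~'RUBY'
  class User < ActiveRecord::Base
    # Others available are:
    # :confirmable, :lockable, :timeoutable and :omniauthable
    devise :database_authenticatable, :registerable,
           :recoverable, :rememberable, :trackable, :validatable
  end
RUBY

# Return the module symbols passed to the model's `devise` call.
def enabled_modules(source)
  # Drop comments so modules that are only mentioned in one do not count.
  lines = source.lines.map { |l| l.sub(/#.*/, "").rstrip }
  start = lines.index { |l| l =~ /^\s*devise\s/ }
  return [] unless start
  call = [lines[start]]
  i = start
  # A trailing comma means the argument list continues on the next line.
  call << lines[i] while call.last.end_with?(",") && (i += 1) < lines.size
  # Keep only known module names; option keys and values are ignored.
  call.join(" ").scan(/(?<![\w:]):(\w+)/).flatten.map(&:to_sym) & ALL_MODULES
end

# Summarise what is enabled and which hardening modules are missing.
def audit(source)
  on = enabled_modules(source)
  { enabled: on, hardening_off: HARDENING - on }
end

if __FILE__ == $PROGRAM_NAME
  report = audit(SAMPLE_MODEL)
  puts "enabled:       #{report[:enabled].join(', ')}"
  puts "hardening off: #{report[:hardening_off].join(', ')}"
end
```
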

Follow the steps described below for creating your Devise-ed Rails application.

1. Create a new project:

						rails new devise_test_app -d mysql

The database server used for this demo application is MySQL. You can use any other server of your choice or even the default SQLite. Everything works out of the box.

2. Add the line below to your Gemfile:

						gem 'devise'

3. Go to your Project directory and run the bundle command to install it:

						bundle install

4. Run the generator to generate the Devise files:

						rails g devise:install

which will create below files

Some setup you must do manually if you haven’t yet:

4.1. Ensure you have defined default url options in your environments files.
Here is an example of default_url_options appropriate for a development environment
in config/environments/development.rb:

						config.action_mailer.default_url_options = { :host => 'localhost:3000' }

In production, :host should be set to the actual host of your application.

Note: This option tells Devise which host to use in the links of the emails it sends to the account owner.

4.2. Ensure you have defined root_url to *something* in your config/routes.rb.
For example:

						root :to => "home#index"

4.3. Ensure you have flash messages in app/views/layouts/application.html.erb.
For example:


<%= notice %>

<%= alert %>

Note: The above code can be kept or discarded depending on whether we want to display the messages or not. For example: “You are successfully logged in.”

5. Create your database in your preferred way:
Log in to MySQL and create your database:

						mysql> create database devise_test_app_development;

Alternatively, you can create your database the Rails way by running

						rake db:create

which will create the database defined in config/database.yml for the current Rails environment.

6. Create or update your model with devise functionalities:

						rails generate devise MODEL_NAME

Replace MODEL_NAME with the class name used for the application's users. For example:

						rails generate devise User

Note: The models we generally add Devise to are User, Login, Admin and so on, but there is no restriction on which model it can be applied to. It just has to be sensible.

7. Generate default Devise views (for customization) by running:

						rails generate devise:views

Note: This step is optional. We can create our own view files, but the default views are pretty good.

8. Add the following routes to your config/routes.rb file:
(Note: the routes below are for the demo; define your own routes as needed, for instance where a user should be redirected after logging in successfully.)