A pure Ruby on Rails authentication system like Devise.
Add this line to your application's Gemfile:
gem "revise_auth"and then run bundle install.
Or run this command:
bundle add "revise_auth"ReviseAuth is designed around a single User model. Execute the following to generate the User model:
$ rails g revise_auth:modelOptionally, you can add other fields such as first_name and last_name:
$ rails g revise_auth:model first_name last_nameAnd then run:
$ rails db:migrateReviseAuth only works with a single model to keep things simple. We recommend adding roles to handle other types of users.
You can accomplish this in a few different ways:
- A
rolesattribute on theUsermodel - The Rolify gem
The model generator will automatically add ReviseAuth's routes to your router:
# config/routes.rb
revise_auth
You will want to define a root path. After login (see below), the user will be redirected to the root path.
ReviseAuth uses the flash to display notices and alerts, so make sure flash messages are rendered by your application:
<%# views/layouts/application.html.erb %>
<%= tag.div notice if notice %>
<%= tag.div alert if alert %>To protect your actions from unauthenticated users, you can use the authenticate_user! filter:
before_action :authenticate_user!In your views, you can use user_signed_in? to verify if a user is signed in and current_user for using the signed in user.
ReviseAuth will send some emails:
- password reset
- confirmation instructions
Make sure you have the default url options set:
# in config/environments/development.rb
config.action_mailer.default_url_options = {host: "localhost", port: 3000}Note: This should be set in all environments.
To customize views, you can run:
$ rails g revise_auth:viewsThis will copy the views into app/views/revise_auth in your application.
To customize the form parameters, you can add/remove params in config/initializers/revise_auth.rb
ReviseAuth.configure do |config|
config.sign_up_params += [:time_zone]
config.update_params += [:time_zone]
endAfter a user logs in they will be redirected to the stashed location or the root path, by default. When a GET request hits authenticate_user!, it will stash the request path in the session and redirect back after login.
To override this, define after_login_path in your ApplicationController. You can also override ReviseAuthController and define it there.
class ApplicationController < ActionController::Base
def after_login_path
root_path
end
endYou can use any of the authentication functionality in your routes using the ReviseAuth::RouteConstraint class.
The following will draw routes only if the user is signed in:
authenticated ->{ _1.admin? } do
resource :admin
end
authenticated do
resource :dashboard
endThe minimum acceptable password length for validation defaults to 12 characters but this can be configured in either config/initializers/revise_auth.rb or your environment configuration:
ReviseAuth.configure do |config|
config.minimum_password_length = 42
endReviseAuth comes with handy helpers you can use in your tests:
# POST /login with the given user and password
login(user, password: "password")
# DELETE /logout
logoutInclude the ReviseAuth::Test::Helpers module to make them available in your tests.
class ActionDispatch::IntegrationTest
include ReviseAuth::Test::Helpers
endThen in your tests:
class MyControllerTest < ActionDispatch::IntegrationTest
setup do
@user = users(:bob)
login @user
end
test "..." do
# ...
end
endIf you have an issue you'd like to submit, please do so using the issue tracker in GitHub. In order for us to help you in the best way possible, please be as detailed as you can.
If you'd like to open a PR please make sure the following things pass:
bin/rails db:test:prepare
bin/rails test
bundle exec standardrbThe gem is available as open source under the terms of the MIT License.