ReviseAuth
A pure Ruby on Rails authentication system like Devise.
Installation
Add this line to your application's Gemfile:
gem "revise_auth"
and then run bundle install
.
Or run this command:
bundle add "revise_auth"
Usage
Models
ReviseAuth is designed around a single User
model. Execute the following to generate the User
model:
$ rails g revise_auth:model
Optionally, you can add other fields such as first_name
and last_name
:
$ rails g revise_auth:model first_name last_name
And then run:
$ rails db:migrate
Roles / Other User Types
ReviseAuth only works with a single model to keep things simple. We recommend adding roles to handle other types of users.
You can accomplish this in a few different ways:
- A
roles
attribute on theUser
model - The Rolify gem
Routes
The model generator will automatically add ReviseAuth's routes to your router:
# config/routes.rb
revise_auth
You will want to define a root path. After login (see below), the user will be redirected to the root path.
Views
ReviseAuth uses the flash to display notices and alerts, so make sure flash messages are rendered by your application:
<%# views/layouts/application.html.erb %>
<%= tag.div notice if notice %>
<%= tag.div alert if alert %>
Filters and Helpers
To protect your actions from unauthenticated users, you can use the authenticate_user!
filter:
before_action :authenticate_user!
In your views, you can use user_signed_in?
to verify if a user is signed in and current_user
for using the signed in user.
Mailer
ReviseAuth will send some emails:
- password reset
- confirmation instructions
Make sure you have the default url options set:
# in config/environments/development.rb
config.action_mailer. = {host: "localhost", port: 3000}
Note: This should be set in all environments.
Customizing
To customize views, you can run:
$ rails g revise_auth:views
This will copy the views into app/views/revise_auth
in your application.
Form Permitted Params
To customize the form parameters, you can add/remove params in config/initializers/revise_auth.rb
ReviseAuth.configure do |config|
config.sign_up_params += [:time_zone]
config.update_params += [:time_zone]
end
After Login Path
After a user logs in they will be redirected to the stashed location or the root path, by default. When a GET request hits authenticate_user!
, it will stash the request path in the session and redirect back after login.
To override this, define after_login_path
in your ApplicationController
. You can also override ReviseAuthController
and define it there.
class ApplicationController < ActionController::Base
def after_login_path
root_path
end
end
Routing Constraints
You can use any of the authentication functionality in your routes using the ReviseAuth::RouteConstraint
class.
The following will draw routes only if the user is signed in:
authenticated ->{ _1.admin? } do
resource :admin
end
authenticated do
resource :dashboard
end
Password Length
The minimum acceptable password length for validation defaults to 12 characters but this can be configured in either config/initializers/revise_auth.rb
or your environment configuration:
ReviseAuth.configure do |config|
config.minimum_password_length = 42
end
Test helpers
ReviseAuth comes with handy helpers you can use in your tests:
# POST /login with the given user and password
login(user, password: "password")
# DELETE /logout
logout
Include the ReviseAuth::Test::Helpers
module to make them available in your tests.
class ActionDispatch::IntegrationTest
include ReviseAuth::Test::Helpers
end
Then in your tests:
class MyControllerTest < ActionDispatch::IntegrationTest
setup do
@user = users(:bob)
login @user
end
test "..." do
# ...
end
end
Contributing
If you have an issue you'd like to submit, please do so using the issue tracker in GitHub. In order for us to help you in the best way possible, please be as detailed as you can.
If you'd like to open a PR please make sure the following things pass:
bin/rails db:test:prepare
bin/rails test
bundle exec standardrb
License
The gem is available as open source under the terms of the MIT License.