User Authentication and Authorization

Learn to set up the Rails app for user authentication and authorization.

We'll cover the following

Installing Devise
Devise setup
Generators user model

We’ve gotten quite far in our example without adding a user model to it, which we’ll rectify now.

We need to get users and passwords into the system without spending too much time in the setup weeds, so we can focus our attention on the security issues that having users causes. To do that, we use the Devise gem for basic user authentication and focus on using Devise as part of our security and testing goals.

Installing Devise

Devise is a big, multifaceted gem, and we’ll only be scratching the surface of what it can do. It handles all kinds of login needs, including confirmation emails, password changes, “remember me” cookies, and much more. First up, we need to put it in the Gemfile:

gem "devise"

At the time of writing, the version of Devise was 4.4.1. The latest version is 4.8.1.

After we install the gem with bundle install, we need to take two-generation steps. The first is the general installation of the Devise setup:

Get hands-on with 1200+ tech skills courses.

Introduction

Test-Driven Fable

Test-Driven Development Basics

Test-Driven Rails

What Makes a Great Test?

Testing Models

Adding Data to Tests

Using Test Doubles as Mocks and Stubs

Integration Testing with Capybara and Cucumber

Testing JavaScript: Integration Testing

Unit-Testing Javascript

Testing Rails Display Elements

Minitest

Testing for Security

Testing External Services

Troubleshooting and Debugging

Running Tests Faster and Running Faster Tests

Testing Legacy Code

User Authentication and Authorization

Installing Devise