Setting up the Devise gem for your rails app.

Devise is a flexible authentication solution for Rails based on Warden. It is Rack based with a complete MVC solution based on Rails engines. It also allows you to have multiple models signed in at the same time, and is based on a modularity concept: use only what you really need.

Devise consists of 10 modules which can be found on their github page here. Something very useful about one of these is the compatibility with Omniauth. Omniauth is a gem that’s used for standardizing the way you authenticate over multiple web applications. For example, when you sign up for a website, and they ask you if you want to use your google account, Omniauth is a way to create that process. Another great module for Devise, is the database authenticity. It hashes and stores a password in your database to validate the authenticity of your user when signing in to your app. Devise provides some validations to a user when they sign up, but also allows you to customize them, and define your own.

1. To begin, you’re going to need to add the gem to your Gemfile. Make sure you don’t put it inside of any groups, you’ll want this gem to be in your live server, not just for testing.

gem ‘devise’

2. Now run bundle install. This will make sure all the dependencies in your Gemfile are available to your application, then install them.

3. Now you can install the generator into your application.

$ rails generate devise:install

After installing the generator a list of instructions will appear in the console. Make sure to read through them. If you plan to use the mailer part of Devise you need to add this line to your config/environments/development.rb:

config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }

4. You’re now ready to add a User class model to our application. This will create a model and set it to the default Devise modules. This command also configures your config/routes.rb file to point to the new controller.

$ rails generate devise User

You can now see this command added files in your models folder, and migration folder. If you want to add or remove anymore configuration options, you can uncomment or comment some of the lines in your model and migration. Just make sure if you choose to add or remove something, you do it in both files.

5. Once your migration is set up the way you’d like, you can now run:

$ rails db:migrate

6. Devise helps you quickly develop an application to use authentication with great customization. Since Devise is an engine, all its views are packaged within the gem. These views help you get started quickly, with little hassle. Also allowing you to later on add more customization. So now you can run:

$ rails generate devise:views

Note: If you want to generate more than one model in your application (such as User and Admin) using this command, you need to set config.scoped_views = true inside your config/initializers/devise.rb file. Otherwise, Devise will try to use the same views. After doing so, you will be able to have multiple views based on each role. Devise will default to devise/sessions/new if no view is found within the scope. You can also use the generator to generate scoped views:

$ rails generate devise:views users

7. If you want to also customize your controllers, you can use the devise:controllers generator. Create your custom controllers using the generator which requires a scope. I’ll be using users in this example.

$ rails generate devise:controllers users

Note: If you want to use only a specific controller, you can use the -c flag:

$ rails generate devise:controllers users -c=sessions

8. Because I am are using users as the scope, controllers will be created in app/controllers/users/. You will see more instructions in your console of another manual step. Just add this line to your config/routes.rb:

devise_for :users, controllers: { sessions: ‘users/sessions’ }

Since I won’t be using the default view folder for users any longer, I need to copy the file from our views folder devise/sessions to users/sessions.

9. Finally, you can customize each of the desired controller actions. You can completely rewrite a controller action by creating a new method, or you can simply add new behavior to it by keeping the super keyword within the method.

Devise uses flash messages to show the user what was successful or unsuccessful while signing up or signing in to our application. Devise expects our application to call flash[:notice] and flash[:alert] to show the user these specific errors. If there is every a time where you wanted to show the entire flash hash, Devise adds a :timedout key to the flash hash. Which is not meant to be displayed to our user. You would remove this key from the hash first, if we wanted to display the entire flash hash.

I only talked about a couple of modules within the Devise gem here today. There’s more to read and more information to take in about each of these modules on their github. I would also recommend checking out Omniauth for more authentication purposes, and reading about that on Devises page as well. Thank you to everyone who took the time to read my post! Remember to share if you enjoyed!