How to add a username field to Devise registration?

You need to modify the strong parameters in your ApplicationController by overriding the configure_permitted_parameters method to permit :username in the sign_up action, then update the migration and views accordingly. This is detailed in the Strong Parameters section of the README.

Devise vs. Sorcery: which is better for Rails?

Devise is more comprehensive and modular, offering out-of-the-box features like email confirmation and OmniAuth, but it's heavier and has a steeper learning curve. Sorcery is lighter and more customizable for specific needs, making it better for simpler or highly tailored authentication. Choose based on project complexity and desired features.

How to set up OmniAuth with Devise for GitHub login?

First, add the omniauth-github gem and configure it in the Devise initializer with your app's credentials. Then, include the :omniauthable module in your model and set up the callback route. The README links to a wiki overview for detailed steps.

Why is Devise giving CSRF errors in Rails 5?

This happens because protect_from_forgery is no longer prepended to the before_action chain in Rails 5. To fix it, either reorder the before_action calls or use protect_from_forgery prepend: true, as mentioned in the Controller filters and helpers section.

How to use Devise with Rails API-only mode?

Enable HTTP Basic Authentication in the Devise initializer and consider custom Warden strategies for token-based auth. You may also need to adjust middleware for testing, as the README notes challenges with integration helpers and session management in API mode.

Best way to test Devise in RSpec?

Include Devise::Test::ControllerHelpers in controller specs and Devise::Test::IntegrationHelpers in feature specs. Set the devise.mapping env variable for controller tests, and ensure proper configuration for integration tests, especially in API mode.

Open-Awesome

devise

MITRubyv5.0.3

Flexible authentication solution for Ruby on Rails based on Warden, offering modular authentication modules.

GitHub

24.3k stars5.5k forks0 contributors

What is devise?

Devise is a flexible authentication solution for Ruby on Rails applications, built on the Warden Rack middleware. It provides a complete set of modular authentication features—such as user registration, password recovery, email confirmation, and session tracking—through Rails engines, eliminating the need to build authentication from scratch. It solves the problem of implementing secure, customizable authentication in Rails apps with minimal boilerplate code.

Target Audience

Rails developers building applications that require user authentication, from simple websites to complex systems with multiple user models. It's suited for those who need a robust, production-ready solution without reinventing the wheel.

Value Proposition

Developers choose Devise for its modular design, allowing them to include only the needed authentication components, and its deep integration with Rails conventions. It offers a balance of out-of-the-box functionality and extensive customization, supported by a large community and comprehensive documentation.

Overview

Flexible authentication solution for Rails with Warden.

Use Cases

Best For

Adding user authentication to new or existing Ruby on Rails applications
Implementing multi-model authentication (e.g., separate User and Admin models)
Integrating third-party OAuth providers via OmniAuth
Enhancing security with features like account locking and session timeouts
Streamlining password reset and email confirmation flows
Building APIs with HTTP Basic Authentication support

Not Ideal For

Developers building their first Ruby on Rails application who need to understand authentication basics from scratch
API-only Rails applications that rely solely on token-based authentication without browser sessions
Projects requiring authentication outside the Ruby on Rails ecosystem, such as Sinatra or Hanami apps
Teams seeking a zero-configuration, drop-in solution without customizing views or controllers

Pros & Cons

Pros

Modular Feature Set

Devise offers 10 distinct modules like Confirmable and Lockable, allowing developers to selectively include only the authentication features they need, reducing unnecessary bloat.

Deep Rails Integration

Built as a Rails engine, Devise provides full MVC support with built-in helpers, controllers, and views that seamlessly follow Rails conventions, making integration straightforward.

Extensive Community Support

With a comprehensive wiki, numerous extensions, and active StackOverflow presence, Devise benefits from robust documentation and community-driven resources for troubleshooting.

Multi-Model Authentication

Supports multiple signed-in models simultaneously, such as User and Admin, with scoped views and separate configurations, enabling complex authentication systems.

Cons

Steep Learning Curve

The README explicitly warns against using Devise for first-time Rails developers, and its reliance on generators, initializers, and Warden middleware requires significant upfront learning.

Configuration Overhead

Setting up Devise involves managing strong parameters, customizing views and controllers, and configuring routes, which can be cumbersome for simple or rapid-prototype projects.

Limited API Support

For Rails API mode, Devise's default cookie-based authentication doesn't work out-of-the-box, necessitating extra setup for token-based strategies and middleware adjustments, as noted in the documentation.

Frequently Asked Questions

Related Projects

spree

Open-source headless eCommerce platform with REST API, TypeScript SDK, and Next.js storefront for cross-border, B2B or marketplace eCommerce.

The administration framework for Ruby on Rails applications.

Classier solution for file uploads for Rails, Sinatra and other Ruby web frameworks

Stars8,774

Forks1,650

Last commit3 months ago

kaminari

⚡ A Scope & Engine based, clean, powerful, customizable and sophisticated paginator for Ruby webapps

Stars8,670

Forks1,075

Last commit2 months ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub