RailsCasts Pro episodes are now free!

Learn more or hide this

Introducing Devise

#209 Introducing Devise

Apr 12, 2010 | 10 minutes | Plugins, Authentication, Rails 3.0
Devise is a full-featured authentication solution which handles all of the controller logic and form views for you. Learn how to set it up in this episode.
Click to Play Video ▶
  • Download:
  • source codeProject Files in Zip (156 KB)
  • mp4Full Size H.264 Video (20.9 MB)
  • m4vSmaller H.264 Video (12.6 MB)
  • webmFull Size VP8 Video (30.8 MB)
  • ogvFull Size Theora Video (28.7 MB)
Browse_code Browse Source Code

There is a newer version of this episode, see the revised episode.

Resources

bash 
bundle install
rails generate devise_install
rails generate devise User
rake db:migrate
rake routes
Gemfile 
gem 'devise', '1.1.rc0'
config/environments/development.rb 
config.action_mailer.default_url_options = { :host => 'localhost:3000' }
models/user.rb 
class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :lockable, :timeoutable, :confirmable and :activatable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation
end

# migration
class DeviseCreateUsers < ActiveRecord::Migration
  def self.up
    create_table(:users) do |t|
      t.database_authenticatable :null => false
      # t.confirmable
      t.recoverable
      t.rememberable
      t.trackable
      # t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both

      t.timestamps
    end

    add_index :users, :email,                :unique => true
    # add_index :users, :confirmation_token,   :unique => true
    add_index :users, :reset_password_token, :unique => true
    # add_index :users, :unlock_token,         :unique => true
  end

  def self.down
    drop_table :users
  end
end

# migration
create_table(:users) do |t|
  t.database_authenticatable :null => false
  # t.confirmable
  t.recoverable
  t.rememberable
  t.trackable
  # t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both

  t.timestamps
end

add_index :users, :email,                :unique => true
# add_index :users, :confirmation_token,   :unique => true
add_index :users, :reset_password_token, :unique => true
# add_index :users, :unlock_token,         :unique => true
layouts/application.html.erb 
<div id="user_nav">
  <% if user_signed_in? %>
    Signed in as <%= current_user.email %>. Not you?
    <%= link_to "Sign out", destroy_user_session_path, :method => :delete %>
  <% else %>
    <%= link_to "Sign up", new_user_registration_path %> or <%= link_to "sign in", new_user_session_path %>
  <% end %>
</div>