#45 Authentication Crash Course with Devise

Summary

Devise is a flexible authentication solution for Rails based on Warden. Learn how to add a stable authentication solution like Devise to your application.
rails security authentication 8:04

Summary

Gemfilegem 'devise'

If you want to use the bootstrap views, add the following to your gem file. Run bundle and and the generator.

Bootstrap Viewsgem 'devise-bootstrapped', github: 'king601/devise-bootstrapped'

bundle
rails generate devise:views:bootstrapped
Bashrails generate devise:install
rails generate devise User # MODEL
rake db:migrate
_navigation_links.html.erb

<li><%= link_to 'Protected', protected_path %></li> <% if user_signed_in? %>   <li><%= link_to current_user.email, edit_user_registration_path %></li>   <li><%= link_to 'Logout', destroy_user_session_path, method: :delete %></li> <% else %>   <li><%= link_to 'Login', new_user_session_path %></li> <% end %>

development.rbconfig.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
routes.rbRails.application.routes.draw do
  devise_for :users
  get :protected, to: 'visitors#protected'
  root 'visitors#index'
end

user.rbclass User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable
end



king601 said over 2 years ago:

Thanks for using my Gem! I'm glad you liked it enough and featured it in the video! 

I'm open to suggestions for improvements, I'm sure there are improvements that can be made :)

kobaltz PRO said about 2 years ago:

One thought would be making a CLI utility so that you can generate the files without having to add/remove the gem. This way, it would be a globally accessible thing that could easily be used on other projects.

Rocela Durazo Verdugo said over 1 year ago:

Ey nice video, can you add the facebook login ? that would be very cool.

Jayzen PRO said 15 days ago:

Thanks your awesome video.
I had ever use the gem 'devise' and include the confirmable module, when i deploy my app on heroku, i use the sendgrid add-on to send email confirmation according to the heroku guides, i want to use the ssl function so i use the code in "config/enviroments/production.rb" as follow
```ruby
config.force_ssl = true

config.action_mailer.raise_delivery_errors = true
config.action_mailer.delivery_method = :smtp

host = "note-book-diary.heroku.com"
config.action_mailer.default_url_options = { protocol: "https", host: host }
ActionMailer::Base.smtp_settings = {
address: "smtp.sendgrid.net",
port: 587,
authentication: "plain",
user_name: "xx",
password: "xx",
domain: "heroku.com",
enable_starttls_auto: true
}
```
when i reach the link https://note-book-diary.heroku.com/, the response return ok, but when i click the email confirmation , i get the wrong response "NET::ERR_CERT_COMMON_NAME_INVALID"

The chrome error messages show the the website use HSTS and can't reach it. can you do me a favor to find the solution? Thanks a lot!

kobaltz PRO said 15 days ago:

Try setting the domain and use the url to https://note-book-diary.herokuapp.com/

So you'd need to update the host and the domain settings. You can check the Certificate within Chrome to see what the common name (or domain name) to see where the mismatch is.

Login to Comment