Book Review: Learning Devise For Rails

Chris Oliver

December 29, 2013

Having been a Devise user and contributor for several years, I was happy to give the book Learning Devise For Rails a review. The functionality that Devise provides is one that just about every application requires. Most of the competing solutions aren't as robust or well tested and the only other option is to roll your own entirely.

Learning Devise For Rails

This book covers the most common use cases of using Devise in your Rails application:

  • Authentication with Devise
  • Authorization with CanCan
  • Omniauth integration with Devise
  • Testing Devise with RSpec

Each section is laid out nicely and is reminiscent of a well written tutorial. It walks you through the code snippets required for installing and setting up Devise as well as going into several of the common advanced use cases such as authenticating with usernames instead of email addresses.

Paired with almost every application is the idea that users should only be able to do things they're allowed to. This is called authorization. Ryan Bates wrote a gem called CanCan which allows you to set rules for what types of users can do what. The chapter dedicated to integration CanCan with Devise is one that I think many people getting started in Rails would find useful.

The chapter on Omniauth is one that is well needed as well due to the complexity of it all. Using Omniauth to add sign in with Twitter, Facebook, Google+, and any other OAuth service is the defacto standard right now. The integration with Devise is a tricky one in that sometimes you need to record an email address for the User and also allow the user to sign in with Twitter after they registered with email. Having all these different paths is complicated and the book provides a reasonably clear of a picture of how this all works together.

And last but not least, any Rails book wouldn't be complete without a section on testing. The fifth chapter covers writing tests for your Devise implementation which is important especially as you begin to customize it. In my opinion, testing the remote authentication with Twitter is the most important piece as it often becomes one of the most complicated pieces of logic in the authentication portion of apps.

All in all I'd say Learning Devise For Rails is well worth reading if you're interested learning more about Devise and what you can do with it.

P.S. You might enjoy following me on Twitter.