Rails 7.1 Authentication From Scratch Discussion
Authentication got a TON of great improvements in Rails 7.1 with authenticate_by, generates_token_for, normalizes, etc. Super duper excited for these things and they should clean up a lot of code. 🎉
Would you suggest using it in a new app and for production, or sticking with Device for a while?
Are you planning on moving away from Devise in JSP?
Probably at some point in the long-term. It's a huge benefit to have everything handled in Rails instead of Devise's mixture of Rails + Rack / warden that can be harder to customize.
This episode is (again) more than excellent! And very useful of course.
See you at RailsWorld Chris.
great work, thanks!
Will there be a follow up episode on email confirmations(you actually started it on user model), remember me function, or auth via github/gmail etc following these methods? Looking forward to have them. cheers
Question: How does defining helper methods as private methods (11:39) allow those methods to be accessible to views?
Would you recommend to use in a new app and production? Or stick with Device for awhile?
Devise will always get security updates applied automatically, so it's generally a good idea to still use it unless you're regularly doing security testing against your application.
Thoughts on using something like Authentication Zero (https://github.com/lazaronixon/authentication-zero) in lieu of devise?
Do you still recommend Devise for production? Or are there any other gems you recommend like authentication-zero (which is a different approach to having a library)?
How would you go about implementing test helpers for integration tests and system tests?
Is there a better way than creating helper method(s) to DRY up login/logout flow?
That is exactly what I was looking for, Chris.
Now I can understand the auth process on Rails and, probably, avoid more involved solutions like Devise that seems to be great (Jose Valin and Plataformatec team are great references), but may be an overkill for my use case.
I'm new to Rails and I must say that I've found no resource like GoRails (your videos, in particular) for a beginner who needs to understand the Rails way. I will save your time with a long, detailed praise here, but I'm already sold on your subscription. It is just a matter of days. I need to adjust the subscription date with my payments schedule, but I'm sure the investment will payback. I'm in a series marathon here. :)
For now, thank you for sharing these free resources (like that about webhooks you shared with Collins on GitHub). They are instrumental for me at this point when I need to implement a real solution in Rails.
Again, thank you. Long life to GoRails and I wish you success with your other business as well.
Absolutely! Rails 7.1's authentication updates are a game-changer. authenticate_by is a lifesaver for cleaner code, and generate_token_for makes things smoother. Can't wait to dive in!