What is Devise?
Devise is a flexible authentication solution for Rails. It provides ready-made features for user authentication, such as sign-up, login, and session management. It helps to easily add secure user authentication to a Rails application.
Why Use Devise?
Installation & Setup
Devise is already included in your Gemfile under the :development and :test groups:
group :development, :test do
gem "devise"
end
Run bundle install to install the gem.
After installing the gem, run the Devise install generator to set up the necessary configurations:
rails generate devise:install
This will create the following:
config/initializers/devise.rb: Configuration file for Devise.To create the User model with Devise’s built-in authentication, run:
rails generate devise User
Run migrations to update the database with the users table:
bin/rails db:migrate
How Devise Works in the Finance Tracker App
User Authentication: Devise handles the login and registration process. Users must sign up and log in to access the app’s features.
Protecting Routes: In controllers like ExpensesController, we use before_action :authenticate_user! to ensure that only logged-in users can access certain pages.
Expense Association: Each expense is linked to a user. This ensures that users can only see their own expenses.
Example of how we protect the routes using Devise:
class ExpensesController < ApplicationController
before_action :authenticate_user! # Ensures only logged-in users can access these routes
# Other actions for handling expenses
end
Devise Routes: Devise automatically provides routes for user registration, login, and logout. You can find the login page at /users/sign_in, and the sign-up page at /users/sign_up.
Example of how we add authentication links in the view:
<%= link_to "Sign up", new_user_registration_path %>
<%= link_to "Log in", new_user_session_path %>
<%= link_to "Log out", destroy_user_session_path, method: :delete %>
How to Customize Devise Views
Devise provides default views for sign-up, login, and other authentication-related pages. If you want to modify the appearance or functionality of these pages, you can customize them by editing the files in app/views/devise/.
Troubleshooting Common Issues
Here are some common issues you might encounter with Devise and how to resolve them:
"Invalid Email or Password" Error: If you're getting this error when trying to log in, make sure your email and password are correct. If you're using a development database, check the User model to ensure that it has the necessary fields (like email and encrypted_password).
Devise Routes Not Working: If you encounter issues with the Devise routes (e.g., new_user_session_path or destroy_user_session_path), ensure that Devise is properly initialized in your application by checking the config/initializers/devise.rb file and ensuring it's been loaded correctly.
Request Specs Failing with Devise Authentication: If you're facing issues in your request specs where Devise authentication doesn't work (e.g., sign_in not working), ensure that you have the following in rails_helper.rb:
config.include Devise::Test::IntegrationHelpers, type: :request
If you're still encountering issues, remember to reload routes in rails_helper.rb before running the tests:
Rails.application.reload_routes!
Database Errors in Tests: When running tests, make sure you’ve migrated your test database properly:
rails db:test:prepare
If you’ve created new Devise fields (like :email, :password), ensure those fields are included in your test database.