Our great sponsors
-
importmap-rails
Use ESM with importmap to manage modern JavaScript in Rails without transpiling or bundling.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
It's good for other beginners: I'll avoid perpetuating a crushing expectation that beginners must understand everything right away. Also, other beginners might benefit from the solutions that I'm jotting down along with the struggles. Documentation might also improve as a result: just the other day I asked a very basic question about importmaps in the StimulusReflex Discord channel. (If you're not on there yet, (a) WHY, and (b) here's an invite.) Not only did I got a great answer to my question, but also it resulted in a helpful addition to the importmap-rails readme.
I'm not saying I disliked the Ruby on Rails Tutorial. To the contrary, it taught me the invaluable lessons of how to test a Rails app and how to properly use Git, along with many other nuggets along the way. I'm also not saying Rails should have built-in user authentication. Maybe it should, but I'm not really sure. After all, there are already popular third-party solutions like Devise. And anyway it's good to learn how to build an authentication system from scratch at some point.
But does it have to be so soon? There are other areas where I'm just as ignorant as I was about the inner workings of authentication (see "the database" below), and in these areas there's not a gem that can automatically solve the problem for me—which is what I've ended up doing for authentication in my own project: even though I could build authentication from scratch, instead I'm using an authentication gem because the effect is exactly the same, but with less code in my app for me to maintain. (Rather than Devise, I've chosen the more lightweight alternative Sorcery. It's simple enough that I can still understand and control the authentication flow, while also providing enough conveniences that I don't have to write out implementation details from scratch.)
Related posts
- Everything was going great until I installed Devise!
- Build a password authentication feature with Sorcery gem.
- Authentication with Sorcery, RSpec, and Rails 7: Building a simple Rails CMS - Part 1
- Why there is no simple default auth in Rails?
- Ruby on Rails: Native route constraint for authentication