rails-auth-with-devise
npx machina-cli add skill Shoebtamboli/rails_claude_skills/rails-auth-with-devise --openclaw
Rails Authentication with Devise
Devise is the most popular authentication solution for Rails, providing a complete MVC solution with 10 modular components.
Quick Setup
```bash
# Add to Gemfile
bundle add devise
# Install Devise
rails generate devise:install
# Generate User model with authentication
rails generate devise User
# Run migrations
rails db:migrate
```
Essential Configuration
After running devise:install, set the mailer URL options in config/environments/development.rb:
```ruby
config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
```
Set the root route in config/routes.rb:
```ruby
root to: 'home#index'
```
Devise Modules Reference
Enable modules in the model (e.g., app/models/user.rb):
| Module | Purpose | Migration Columns |
|---|---|---|
| :database_authenticatable | Password hashing/storage | email, encrypted_password |
| :registerable | Sign up, edit, destroy account | - |
| :recoverable | Password reset via email | reset_password_token, reset_password_sent_at |
| :rememberable | "Remember me" cookie | remember_created_at |
| :trackable | Sign in stats | sign_in_count, current_sign_in_at, last_sign_in_at, current_sign_in_ip, last_sign_in_ip |
| :validatable | Email/password validations | - |
| :confirmable | Email confirmation | confirmation_token, confirmed_at, confirmation_sent_at, unconfirmed_email |
| :lockable | Lock after failed attempts | failed_attempts, unlock_token, locked_at |
| :timeoutable | Session expiration | - |
| :omniauthable | OAuth provider support | - |
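
A pre-deploy check built from the table above, as an added example that is not part of the original skill: it reports enabled modules whose migration columns are missing, which happens when a module such as :lockable is switched on in the model but its columns were never migrated. `REQUIRED_COLUMNS` and `missing_devise_columns` are hypothetical names, and the sample module and column lists are constructed.

```ruby
# Added example: column requirements copied from the modules table above.
REQUIRED_COLUMNS = {
  database_authenticatable: %w[email encrypted_password],
  recoverable: %w[reset_password_token reset_password_sent_at],
  rememberable: %w[remember_created_at],
  trackable: %w[sign_in_count current_sign_in_at last_sign_in_at
                current_sign_in_ip last_sign_in_ip],
  confirmable: %w[confirmation_token confirmed_at confirmation_sent_at
                  unconfirmed_email],
  lockable: %w[failed_attempts unlock_token locked_at]
}.freeze

# Returns { module => [missing columns] } for every enabled module whose
# columns are absent. Modules with no columns in the table are skipped.
def missing_devise_columns(enabled_modules, column_names)
  present = column_names.map(&:to_s)
  enabled_modules.each_with_object({}) do |mod, gaps|
    missing = REQUIRED_COLUMNS.fetch(mod.to_sym, []) - present
    gaps[mod.to_sym] = missing unless missing.empty?
  end
end

# In a Rails console, pass the live values instead of the samples below:
#   missing_devise_columns(User.devise_modules, User.column_names)

# Constructed sample: :lockable is enabled but its columns were never
# migrated, and :confirmable was migrated without unconfirmed_email.
sample_modules = %i[database_authenticatable registerable recoverable
                    rememberable validatable confirmable lockable]
sample_columns = %w[id email encrypted_password reset_password_token
                    reset_password_sent_at remember_created_at
                    confirmation_token confirmed_at confirmation_sent_at
                    created_at updated_at]

missing_devise_columns(sample_modules, sample_columns).each do |mod, cols|
  puts "#{mod}: missing #{cols.join(', ')}"
end
```

The check follows the table's column list as written; Devise itself only needs unconfirmed_email when reconfirmable is on and unlock_token when the unlock strategy is :email or :both.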
Controller Helpers
```ruby
# Require authentication
before_action :authenticate_user!
# Check if signed in
user_signed_in?
# Get current user
current_user
# Access session
user_session
```
For other models (e.g., Admin):
```ruby
before_action :authenticate_admin!
admin_signed_in?
current_admin
admin_session
```
Common Tasks
Add Custom Fields (e.g., username)
- Generate migration:
```bash
rails g migration AddUsernameToUsers username:string:uniq
rails db:migrate
```
- Permit in ApplicationController:
```ruby
class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
    devise_parameter_sanitizer.permit(:account_update, keys: [:username])
  end
end
```
Customize Views
```bash
# Generate all views
rails generate devise:views
# Scoped views for specific model
rails generate devise:views users
# Specific modules only
rails generate devise:views -v registrations confirmations
```
Customize Controllers
```bash
# Generate controllers
rails generate devise:controllers users
# Or specific controller
rails generate devise:controllers users -c sessions registrations
```
Update routes:
```ruby
devise_for :users, controllers: {
  sessions: 'users/sessions',
  registrations: 'users/registrations'
}
```
Custom Redirect After Sign In
In ApplicationController:
```ruby
def after_sign_in_path_for(resource)
  stored_location_for(resource) || dashboard_path
end

def after_sign_out_path_for(resource_or_scope)
  root_path
end
```
Hotwire/Turbo Configuration (Rails 7+)
In config/initializers/devise.rb:
```ruby
Devise.setup do |config|
  config.responder.error_status = :unprocessable_entity
  config.responder.redirect_status = :see_other
end
```
Ensure responders gem version >= 3.1.0.
Testing
RSpec Setup
In spec/support/devise.rb:
```ruby
RSpec.configure do |config|
  config.include Devise::Test::ControllerHelpers, type: :controller
  config.include Devise::Test::ControllerHelpers, type: :view
  config.include Devise::Test::IntegrationHelpers, type: :feature
  config.include Devise::Test::IntegrationHelpers, type: :request
end
```
Usage:
```ruby
sign_in user
sign_out user
```
Minitest Setup
```ruby
class ActionDispatch::IntegrationTest
  include Devise::Test::IntegrationHelpers
end
```
Additional Guides
- OmniAuth setup: See references/omniauth.md
- API authentication: See references/api-auth.md
- Advanced patterns: See references/advanced.md
Source
git clone https://github.com/Shoebtamboli/rails_claude_skills/blob/main/lib/generators/claude/skills_library/rails-auth-with-devise/SKILL.md
Overview
Devise provides a complete, modular authentication solution for Rails apps. This skill covers installing Devise, generating a User model, enabling key modules (sign in, sign up, password recovery, confirmable, OmniAuth), and customizing views or controllers to fit your app.
How This Skill Works
Install Devise with bundle and run rails generate devise:install, then generate a User model with rails generate devise User and run migrations. Configure modules in the model (e.g., :database_authenticatable, :registerable, :recoverable, :confirmable, :omniauthable) and use Devise helpers and routes in controllers. For production readiness, set mailer host (config.action_mailer.default_url_options) and define root routes and redirects as needed.
When to Use It
- Setting up user authentication in a Rails app
- Adding sign in/sign up/sign out functionality
- Implementing email confirmation, password recovery, or account locking
- Configuring OmniAuth social login
- Adding multiple user models (User/Admin)
Quick Start
- Step 1: Add devise to your Gemfile and run bundle install
- Step 2: Run rails generate devise:install and rails generate devise User
- Step 3: Run rails db:migrate and start the server with rails server
Best Practices
- Install Devise and generate the User model using: bundle add devise, rails generate devise:install, rails generate devise User; run migrations
- Configure mailer URL options in development.rb (config.action_mailer.default_url_options = { host: 'localhost', port: 3000 })
- Enable and tailor necessary Devise modules in the model, e.g., :database_authenticatable, :registerable, :recoverable, :confirmable, :omniauthable
- Customize views and controllers as needed with rails generate devise:views and rails generate devise:controllers
- Test authentication flows with RSpec or Minitest to verify sign-in, sign-up, password recovery, and redirects
Example Use Cases
- New Rails app: install Devise, generate User model, migrate database, and start server
- Add an Admin model with a separate devise scope for admin authentication
- Add a username field via migration and permit it in devise_parameter_sanitizer for sign_up and account_update
- Customize after_sign_in_path_for to redirect users to a dashboard
- Enable :confirmable and :recoverable to support email confirmation and password reset workflows