Authem

An Email-Based Authentication Library for Ruby Web Apps

Authem is an email-based authentication library for Ruby web applications. It only supports email/password authentication. It does not automatically integrate with Twitter, Facebook, or whatever OAuth or SSO service you like the best. It is meant to handle user security but allow you to fully customize your user account behavior because the code is all yours.

Compatibility

Ruby 2.0 and above

Rails 4 and 5

Installation

First you'll need to pick what class you will be using with authem. It can be named whatever you'd like, but for this guide we'll assume you went with User.

To get started, add the following to your project’s Gemfile:

gem 'authem'

Run the generators to create the tables for users and sessions.

rails g authem:user <model_name - defaults to "user">
rails g authem:session

Tell your controllers what model you are using authem with.

class ApplicationController < ActionController::Base
  authem_for :user # or whatever your authem class is
  # ...
end

Tell your model just how authem it is.

class User < ActiveRecord::Base
  include Authem::User
  # ...
end

Usage

Model Usage

You can make users the normal way. Passwords will automatically be salted and bcrypted.

User.new(
  email: 'matt@example.com',
  password: '$ushi',
  password_confirmation: '$ushi'
)

Resetting passwords has never been easier.

user.reset_password('new_password', 'new_password')

You will also always have a token available when you need to reset passwords.

user.password_reset_token

Controller Usage

In your application controller:

authem_for :user

Which gives you access to:

  • sign_in(user)
  • sign_out_user
  • current_user
  • require_user
  • user_signed_in?
  • redirect_back_or_to(some_awesome_default_path)
  • clear_all_sessions_for(user)

Then require authentication in your controllers with a filter:

before_action :require_user

For signing in/out users, try a SessionsController like this:

class SessionsController < ApplicationController

  def create
    # to_s guards against a missing email param, which would otherwise raise on downcase
    user = User.find_by(email: params[:email].to_s.downcase)
    if user && user.authenticate(params[:password])
      sign_in(user)
      redirect_back_or_to(root_path)
    else
      flash.now.alert = "Your email and password do not match"
      render :new
    end
  end

  def destroy
    sign_out_user
    redirect_to :root
  end

end

Resetting passwords could look something like this:

class PasswordResetsController < ApplicationController

  before_action :verify_user, only: [:edit, :update]

  def create
    if user = User.find_by(email: params[:email].to_s.downcase)
      # building the mail is not enough; deliver it (deliver_now needs Rails 4.2+)
      UserMailer.reset_password_email(user).deliver_now
    end

    redirect_to [:new, :password_reset], alert: "Instructions for resetting your password have been sent."
  end

  def update
    if user_by_token.reset_password(params[:password], params[:password_confirmation])
      sign_in(user_by_token)
      redirect_to :root
    else
      render :edit
    end
  end

  protected

  def user_by_token
    @user_by_token ||= User.find_by_reset_password_token(params[:id])
  end

  def verify_user
    unless user_by_token
      redirect_to [:new, :password_reset], alert: "We can't find your account with that token."
    end
  end

end
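To make the contract the two controllers above depend on concrete, here is a plain-Ruby stand-in for the User model. It is an added illustration, not Authem's implementation or code from this README: the class name DemoUser, the one-hour token lifetime and the in-memory USERS table are assumptions, and PBKDF2 from OpenSSL replaces bcrypt so it runs without Rails.

```ruby
require 'securerandom'
require 'openssl'

# Stand-in for the model behind SessionsController and PasswordResetsController. Added
# illustration, not Authem's code. It shows what those controllers rely on: a salted
# password hash, constant-time token lookup, and single-use, expiring reset tokens.
class DemoUser
  TOKEN_TTL = 60 * 60 # assumed policy: a reset link is good for one hour
  USERS = []          # in-memory stand-in for the users table
  attr_reader :email, :password_reset_token

  def initialize(email:, password:)
    @email = email.downcase
    set_password(password)
    USERS << self
  end

  # Same lookup the controller's user_by_token helper performs.
  def self.find_by_reset_password_token(token)
    USERS.find { |u| u.reset_token_valid?(token) }
  end

  # Compares every byte with no early exit, so timing does not leak a matching prefix.
  def self.secure_compare(a, b)
    a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Returns the user on a correct password (as user.authenticate does), false otherwise.
  def authenticate(candidate)
    DemoUser.secure_compare(digest(candidate.to_s, @salt), @password_digest) && self
  end

  # Contract of user.reset_password(new, confirmation): only a matching pair changes the
  # password, and success rotates the token so the emailed link cannot be replayed.
  def reset_password(new_password, confirmation)
    return false if new_password.to_s.empty? || new_password != confirmation
    set_password(new_password)
    true
  end

  def reset_token_valid?(token)
    Time.now < @token_issued_at + TOKEN_TTL && DemoUser.secure_compare(token.to_s, @password_reset_token)
  end

  def set_password(password)
    @salt = SecureRandom.random_bytes(16)
    @password_digest = digest(password, @salt)
    @password_reset_token = SecureRandom.urlsafe_base64(32) # fresh token per password change
    @token_issued_at = Time.now
  end

  def digest(password, salt)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 100_000, 32, OpenSSL::Digest.new('SHA256'))
  end
end
```

Because set_password rotates the token, a completed reset invalidates the link that triggered it, and a mismatched confirmation leaves the old token usable so the user can retry.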

Contribute

Authem’s source code is available on GitHub.

Pull requests are welcome; please provide spec coverage for new code.

  • bundle
  • rake

Developed & maintained by Paul Elliott & Pavel Pravosud

Designed by Rye Mason at Hashrocket