Ruby on Rails Crash Course: Authentication and Authorization
10 Chapters 54 Lessons Created 02/2021 Last updated 06/2025 English All levels Certificate of Completion Access to Member-Only Q&A Access to Member-Only Resources Full Lifetime Access & Updates
When creating a Web application, you usually have to start with the two key elements:Authentication - User log in, user account management.Authorization - User roles and permissions.Code-Along and build a Web App MVP covering all aspects of Log-In, User Management, and Role-Management functionality.Core topics covered:Basic authorization via email (Devise)Social log in via GoogleSocial log in via FacebookSocial log in via TwitterSocial log in via GithubDevise confirmableDevise trackableDevise lockableDevise invitable - Inviting users to join the app via emailBanning usersDeleting usersEditing user profileManaging user roles (admin, teacher, student) without any gemsRole-based access to different features (example: only admin can ban a user) without any gemsBlocking bot registrationsSending transactional emails in production (Amazon SES)By the end of the course you will have created a boilerplate, based on which you can build any business application of your dream.This course can be interesting for Ruby on Rails developers of all levels: for beginners and for veterans.As a beginner, you will get the whole experience of thinking and building the core lifesystem of any modern Web Application.As a veteran, you will get acquainted with some exquisite approaches for problem-solving, and features that you could have not encountered in the past.We are not going to cover the fundamentals of what Ruby and Rails are: there are other, more basic courses for that.Instead, we will dive straight into coding along and building our application step-by-step, feature-by-feature.As well all enrolled students will have access to the source code, support materials and discussion groups.Looking forward to seeing you inside!
10 chapters 54 lessons
Chapter
1.
Hello World. Install Ruby on Rails. Git.
8 lessons
1.
Preview of the final application
2.
create development environment, install ruby on rails 6, create app
3.
push application to github
4.
PRO TIP - ssh connection - push to github without re-entering password
5.
hello world - generate a static page
6.
connect heroku - run application in production
7.
PRO TIP - delete changes, undo commits
8.
AWS - no space left on device - add 20 gb storage
Chapter
2.
Basic styling. Bootstrap. Fontawesome.
4 lessons
1.
Install bootstrap with yarn and webpacker
2.
Bootstrap basic usage
3.
Install and use Fontawesome icons
4.
Responsive screen width
Chapter
3.
Advanced User Authentication (log in functionality)
11 lessons
1.
gem devise basic installation
2.
bootstrap navigation for devise
3.
customize devise views with bootstrap
4.
devise confirmable
5.
users index and user show pages
6.
devise trackable
7.
create fake users with seeds.rb
8.
redirect user to specific page after sign in
9.
users can be deleted
10.
devise lockable
11.
users can be banned and unbanned
Chapter
4.
Log in with social accounts
8 lessons
1.
gem omniauth-google-oauth2 - social log in with google
2.
social log in with github
3.
social log in with twitter
4.
log in with facebook
5.
display user data from social log in
6.
Social login in production
7.
Credentials and encryption
8.
Make credentials work in production (heroku)
Chapter
5.
User Roles and Authorization (without gems!)
3 lessons
1.
Create and edit User roles
2.
assign default role to user after creation
3.
Authorization - only admin user can edit user roles
Chapter
6.
Styling the app
6 lessons
1.
responsive tables with bootstrap
2.
disappearing flash messages with toastr
3.
footer at the end of page
4.
styling for true false values
5.
styling user views
6.
3 ways to change background color for the app
Chapter
7.
Inviting users via email to join our app
6 lessons
1.
gem devise-invitable - create and invite users to the app
2.
devise invitable docs and views - going deeper
3.
button to Resend confirmation instructions to unconfirmed users
4.
button to Resend invitation to unconfirmed users
5.
Authorization for resend_confirmation_instructions
6.
Authorization for resend_invitation
Chapter
8.
Preparing for production
4 lessons
1.
gem invisible_captcha - no bot sign ups
2.
sending emails in production with Amazon SES
3.
gem exception_notification - receive emails if errors in production
4.
rename app from ruby-gems-bootcamp to superauth
Chapter
9.
PRO FEATURE - Strong params authorization
3 lessons
1.
user name can be edited
2.
strong params - only admin can edit roles, any user can edit names
3.
strong params authorization - user can edit his own profile
Chapter
10.
Bonus features, Adjustments and Improvements
1 lesson
1.
user can not ban himself
