easiest way to add simple user authentication to a scaffolded rails 3 app?

Question

We have developed a scaffolded Rails 3 app hosted at Heroku, without any type of authentication so far.

We have precisely two types of users, our Customers, who have a single record in our Customer table, and have access to 3 or 4 views in the Customers controller, and our internal Admins who can access any views in any controllers.

we'd PREFER Customers to do all the usual self-register (creates their "empty" account), authenticate via email (enables their account), change password, get lost passwords etc.

Each user account will have one user. No need for differnet users in the same acocunt with different roles (not yet anyway).

So far I've read about Devise and Authlogic... but I'm hoping to get a recommendation for what's the best solution for this fairly basic scenario... we are relative newbies at Rails so something basic and easy to setup is probably best. Something that creates default MVC objects to handle all the account creation/login etc would be ideal.

---

still researching the excellent suggestions, thanks...

Answer 1

For really simple authentication, check out Ryanb's nifty generators (https://github.com/ryanb/nifty-generators). You can create scaffolded authentication to go along with your scaffolded app. If you want to change later, you won't have tossed much work away.

Devise is great but probably too big a hammer for "simple". You can spend a while getting Devise to work right.

Answer 2

Devise looks like a good match. And if you need an admin role too, you can use CanCan to manage the authorisation or create a different Model for the admins.

Check this guide on how to integrate Devise & CanCan

Answer 3

I would recommend Devise. Devise is a very flexible and extendable, but you won't go wrong with either option.