Decent Authentication is a sample application that implements authentication in Rails without the use of a third-party generator or engine. You might often hear the advice that you should not "Roll your own authentication" but that doesn't mean you have to use a gem.
- Only allow enabled users to sign in
- Request password reset via email
- Forward to protected routes upon successful sign in
- Passwords must be 8 alphanumeric characters
- Password reset requests expire after 2 hours
- Session cookies expire after 30 minutes
- Ruby 2.6
Run the setup script, start the server, then click 'Create Account' from the sign in screen.
# install gems, create database.yml config, and setup the database ./bin/setup
# run the test suite ./bin/rake
# run the test suite as well as brakeman, simplecov, rails_best_practices, and rubocop ./bin/rake analyze