Rails authentication from scratch
Decent Authentication

Decent Authentication is a sample application that implements authentication in Rails without the use of a third-party generator or engine. You will often hear the advice that you should not "roll your own authentication", but that doesn't mean you have to use a gem.


Features:

  • Only allow enabled users to sign in
  • Request password reset via email
  • Forward to protected routes upon successful sign in

Secure defaults:

  • Passwords must be 8 alphanumeric characters
  • Password reset requests expire after 2 hours
  • Session cookies expire after 30 minutes
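
The enabled-user check and the two expiry defaults listed above can be sketched in plain Ruby. This is an added example, not code from the Decent Authentication application; the User struct, the method names and the choice to store only a digest of the reset token are assumptions.

```ruby
require "securerandom"
require "digest"

# The two TTLs are the README's stated defaults; every name here is hypothetical.
RESET_TTL   = 2 * 60 * 60 # password reset requests expire after 2 hours
SESSION_TTL = 30 * 60     # session cookies expire after 30 minutes

User = Struct.new(:email, :enabled, :reset_digest, :reset_sent_at)

# Sign-in gate: a correct password is not enough, the account must be enabled.
def may_sign_in?(user, password_ok)
  password_ok && user.enabled
end

# Email the raw token; keep only its SHA-256 digest (assumption of this sketch).
def issue_reset(user, now)
  token = SecureRandom.urlsafe_base64(32)
  user.reset_digest  = Digest::SHA256.hexdigest(token)
  user.reset_sent_at = now
  token
end

# Constant-time comparison of two strings of equal length.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns :ok, :expired or :invalid. A matching token is consumed either way.
def redeem_reset(user, token, now)
  return :invalid if user.reset_digest.nil?
  candidate = Digest::SHA256.hexdigest(token.to_s)
  return :invalid unless secure_equal?(user.reset_digest, candidate)
  expired = (now - user.reset_sent_at) > RESET_TTL
  user.reset_digest = user.reset_sent_at = nil
  expired ? :expired : :ok
end

# The expiry travels in the session data and is checked on every request,
# rather than relying on the browser to drop the cookie.
def start_session(user, now)
  { user_email: user.email, expires_at: now + SESSION_TTL }
end

def session_active?(session, now)
  expires_at = session[:expires_at]
  !expires_at.nil? && now < expires_at
end
```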


Requirements:

  • Ruby 2.3
  • PostgreSQL

Getting Started

Run the setup script, start the server, then click 'Create Account' from the sign in screen.

# install gems, create database.yml config, and set up the database


# run the test suite
# run the test suite as well as brakeman, simplecov, and rails_best_practices
./bin/rake analyze