What does HackerNews think of devise?
Flexible authentication solution for Rails with Warden.
- ActiveRecord is wonderful for data schemas: https://guides.rubyonrails.org/active_record_migrations.html
- ActiveRecord form validations is excellent and defined only on the model
- Scaffolds automatically generate create/read/update/delete endpoints: https://guides.rubyonrails.org/v3.2/getting_started.html#get...
- Websocket-driven updates provided by Hotwire / Turbo Streams: https://turbo.hotwired.dev/handbook/introduction
- Authorization and Authentication by Devise: https://github.com/heartcombo/devise
HAML is wonderful as a templating language as well.
The way it's been explained to me, Rails packages (gems) are like prefab bathrooms and kitchens. Compared to e.g., Node.js packages which provide things like "sink" and "tap" and "door handle."
E.g., in Rails there's a popular auth package that includes password reset and recovery functionality:
https://github.com/heartcombo/devise
Always a pain to build, and not something these popular Node.js packages save you from doing over and over again:
EDIT: It sounds like I'm picking on those packages. I don't mean to, just want to highlight the difference in philosophy between the Node.js and Rails approaches.
Rails uses the "master key" to let you check in encrypted database credentials. I don't use that but Rails still requires a key for deployment--so I just checked in a key. Rails is really designed for a codebase that matches to a single deployment so this is a bit of a workaround.