Devise is one of the most popular gem in the Ruby and Rails landscape for authentication. It has over 20,000 GitHub stars and lots of integrations. But at the same time, Devise gem is also the most confusing gem for beginners. It is so confusing that it even suggests not using it if you're new to Rails or web development in its readme.
First of all, Devise is an authentication library built on top of Warden, a Rack-based authentication framework. So for those who don't like coding with Rails, it's still a good solution.
Warden handles user sessions using secure session strings to verify the identities of logged-in users. It also handles users who are not logged in to ensure they cannot access restricted resources.
But since Warden is purely Rack-based, it does not add controller actions, views, helpers, or any other configuration options necessary for building a proper user authentication solution. Devise, on the other hand, does.
Another notable feature of Devise is its modularity. The library comes with around 10 modules which allow you to specify exactly how you want authentication handled in your application. You don't need to use all 10 modules. Instead, you activate and use only what you need for your app. For example the Registerable module, Omniauthable, Trackable, and others.
Short conclusion: in order to integrate and manage Devise might not be enough knowledge about Rails, but for those who started their carrier with Ruby it's definitely a go.
linkedin