Setting up Authentication and Admin Section in Rails

Njunu-sk
4 min read · May 30, 2021

User authentication and authorization are fundamental in most web applications. This tutorial will guide you through setting up Devise for authentication and adding an Admin section to your application.

We will create a simple application where a person can sign up either as a user or as an admin.

Let’s assume you have worked with Rails before…

Creating a Rails application

rails new App -T --skip-webpack-install --skip-javascript

This command will create a new Rails application, skipping webpacker and tests. We don’t need either for our mini-application.

cd App

Fire up the server and we should have a welcome message.

Creating a home page

Let’s create a home page:

rails g controller pages index

This will generate a controller and a view file and add a route. Change your routes file to:

root 'pages#index'

Refresh the browser and you should see a welcome message from the pages#index action.

Change the content in the views to:

<h1>Welcome, this is our home page</h1>

Add Devise for authentication

Devise is a popular gem for Rails authentication. Add it to the Gemfile and read the docs to configure it.

gem 'devise'

Run bundle install

Run the generator

rails generate devise:install

Create a User model with the following command:

rails g devise user

Set up the Devise mailer configuration as instructed and generate the Devise views:

rails g devise:views

We now have a full authentication system: we can sign up and sign in a user.

In our views/layouts/application.html.erb modify the body to the above:

We check whether the user is signed in and, if so, present edit and logout links; otherwise we provide register and login links.

Add nested Controllers

We want to allow an admin user to visit a different section of our app. There are several ways of achieving this; I prefer a nested controller in this scenario.

In app/controllers, create a new directory named admin, and in that folder create two files: base_controller.rb and dashboard_controller.rb.

The base controller will inherit from ApplicationController and act as the parent class to our dashboard controller.

Check out the dashboard controller

We have to configure our views and routes to match the above changes.

Create a separate admin folder in our views, and in it create a new folder, dashboard, with a corresponding view file, index.html.erb.

Populate the file with a simple html markup welcoming the admin…

<h1>Hello, welcome to admin section</h1>

For this to work we will have to change our layout configuration. Create a new file, views/layouts/admin/base.html.erb, and copy the content of application.html.erb into it.

We can now configure our routes to view the admin section.

We are able to visit /admin/dashboard and see our welcome admin html file we created earlier.

Create an admin role

Let’s create a migration to add an admin role to our User model:

rails g migration add_role_to_user

The above command will create an empty migration. Let’s edit that file…

When we migrate the database with rails db:migrate, we will have an admin column in our User model, set to false by default.

Since we have added a column to the model generated by Devise, we will have to configure Devise's defaults to permit the column.

We will make the changes in the application_controller.rb file…

Let’s add some logic in our base_controller to allow only admin users to access the dashboard controller.

We define a private method, check_if_admin, that redirects the user to the root path if they are not an admin.

We are done with the admin logic. If we try to visit admin/dashboard, the user will be redirected back to our home page.

Let’s create an admin user by seeding our database. Create a new migration:
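
The effect of the permit list on the admin column, together with a deny-by-default form of the check_if_admin gate, as an added example in plain Ruby (not the tutorial's, Devise's or Rails' own code). The helper names permitted, sign_up and admin_gate and the sample request are assumptions constructed for illustration.

```ruby
# Plain-Ruby model of sign-up parameter filtering and the admin gate.
# Helper names are hypothetical; this is not Devise's or Rails' own code.

# Constructed sample: a sign-up request body that carries an extra field.
SUBMITTED = {
  "email"    => "someone@example.test",
  "password" => "constructed-sample-password",
  "admin"    => "true"
}.freeze

DEFAULT_SIGN_UP_KEYS = %w[email password password_confirmation].freeze

# Keep only allowlisted keys, the way a permit list does.
def permitted(params, extra_keys: [])
  allowed = DEFAULT_SIGN_UP_KEYS + extra_keys.map(&:to_s)
  params.select { |key, _value| allowed.include?(key) }
end

# Stand-in for a User row; admin is false unless explicitly set.
User = Struct.new(:email, :admin) do
  def admin?
    admin == true
  end
end

def sign_up(params, extra_keys: [])
  attrs = permitted(params, extra_keys: extra_keys)
  User.new(attrs["email"], attrs["admin"] == "true")
end

# Deny by default: nil (nobody signed in) and non-admins are both redirected.
def admin_gate(user)
  if user&.admin?
    :render_dashboard
  else
    :redirect_to_root
  end
end

if __FILE__ == $PROGRAM_NAME
  puts admin_gate(sign_up(SUBMITTED))                        # admin not permitted
  puts admin_gate(sign_up(SUBMITTED, extra_keys: [:admin]))  # admin permitted
  puts admin_gate(nil)                                       # not signed in
end
```

With the admin key on the sign-up permit list, the value is taken from the request, so the column's false default only holds when the field is absent.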

rails g migration add_admin

This will create an empty migration file. Modify the file to match the above.

The above migration creates an admin user with a password and sets the admin role to true.

Let’s reference this Stack Overflow answer to set up our sign_out link: https://stackoverflow.com/questions/21040168/rails-devise-error-no-route-matches-get-users-sign-out

Sign out the user and sign in as an admin. The user will be able to visit the Admin section.

Link to the GitHub repository: https://github.com/Njunu-sk/Simple-admin-role

Happy coding…
