Devise and Rails: Installation Checklist

A list of steps and reminders for adding Devise to a Rails application.

This is an initial Devise install that uses mostly the default settings: the standard User model with a ‘role’ field added for authorization by cancancan, local copies of the views for future customization, and new account email confirmation turned on.

Update 7/12/2016: The following has been updated to Devise 4.2.0 and Rails 4.2.6. The steps haven’t been reviewed yet for Rails 5.

The starting point is a Rails 4.2 / Ruby 2.2 bare-bones application on an Ubuntu 15.04 System 76 Meerkat. (Love my Meerkat!)

The Rails app is also using the following:

  • figaro with a config/application.yml file to handle environment variables
  • rspec
  • haml
  • cancancan (installed as next step after Devise)

The following are essentially notes for my future self since I don’t do this often enough for it to be automatic. If something is a little too cryptic, just leave a comment and I’ll add more of an explanation.

Add the Devise gem

Check for the current stable version and be specific in the Gemfile. (Hopefully this will prevent future absent-minded update surprises!)

  • Add to Gemfile:
  • Run:


Run Devise generators and update database

  • Run:
  • Move private Devise settings in config/initializers/devise.rb to ENV variables:
  • Set up new account email confirmation:
    Uncomment :confirmable in app/models/user.rb.
    Uncomment related fields in User migration file.
  • Add a string field named ‘role’ to the User migration for cancancan:
    t.string :role, default: 'guest', null: false
  • Run:


Generate local views and convert from ERB to Haml

  • Generate local views:
  • Convert ERB templates to Haml (wiki).


Configure ActionMailer settings

If the application isn’t already set up for email, add the following to the development, test and production environment files:

(Optional) Install Mailcatcher

Install and start mailcatcher to handle email in the localhost development and test environments. It is accessed at http://localhost:1080.

  • Run:
  • Add a conditional check for localhost to config/environments/development.rb and config/environments/test.rb:


Handle strong parameters (wiki)

  • Add at top of application_controller.rb:
  • Create a concern for Devise’s application level overriding methods. Save the following to app/controllers/concerns/application/devise_setup.rb (notice the :role field was added):
  • Include concern in application_controller.rb:
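Permitting :role through strong parameters means the value submitted with the form is passed on to the User model. One way to restrict which role values a submission may set, as an added example that is not code from the original post, written in plain Ruby so it runs without Rails; the RoleGuard module, the role names other than 'guest' and the admin-only rule are assumptions.

```ruby
# Added example (plain Ruby, no Rails needed). Only the 'guest' default comes
# from the post; RoleGuard, the other role names and the admin rule are assumed.
module RoleGuard
  ROLES = %w[guest editor admin].freeze   # assumed full set of roles
  SELF_ASSIGNABLE = %w[guest].freeze      # what a submitter may pick for themselves
  GRANTING_ROLE = 'admin'                 # assumed: only admins hand out roles

  Result = Struct.new(:params, :rejected_role)

  # params: the already-permitted hash from the sign-up or account form.
  # actor_role: role of the signed-in user submitting it, nil for a visitor.
  def self.filter(params, actor_role: nil)
    clean = params.each_with_object({}) { |(k, v), h| h[k.to_s] = v }
    return Result.new(clean, nil) unless clean.key?('role')

    # to_s also flattens arrays/hashes sent as role[]=..., which then fail the
    # allowlist check instead of reaching the model.
    requested = clean['role'].to_s.strip.downcase
    allowed = actor_role == GRANTING_ROLE ? ROLES : SELF_ASSIGNABLE

    if allowed.include?(requested)
      clean['role'] = requested
      Result.new(clean, nil)
    else
      # Drop the key: on create the column default ('guest') applies, on
      # update the stored role is left unchanged. Report the attempt so the
      # caller can log it.
      clean.delete('role')
      Result.new(clean, requested)
    end
  end
end

# Constructed sample submission: a visitor signing up and asking for 'admin'.
signup = RoleGuard.filter({ email: 'a@example.test', role: 'admin' })
puts signup.params.inspect
puts "rejected role: #{signup.rejected_role}" if signup.rejected_role
```

A rejected_role that is not nil is worth writing to the application log, since the stock registration form has no role input.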


Authenticate user in controllers (wiki)

Don’t forget to add the before action line to the top of the relevant controllers.


Add helpers and initial test to rspec (wiki)

  • In spec/rails_helper.rb, inside the RSpec.configure block, add:
  • Add the file spec/support/controller_macros.rb:
  • In spec/rails_helper.rb, at the top, add:
  • Update/create the User factory spec/models/users.rb:
  • Try it out. For example, spec/controllers/dashboard_controller.rb:


Add links to Devise actions and try it out

Add the following to a page in the Rails application:

Restart the server (!!) and try it out. You should be able to create a user, reset the password, log in, log out and delete the user. Make sure errors such as “already signed in” are being caught.


(Bonus #1) Add a custom mailer with layouts to brand the Devise emails

Steps and code in gist:

Other references:


(Bonus #2) Add cancancan for authorization

If you’re adding Devise for authentication, you’re probably going to want cancancan for authorization.

  • Add to Gemfile:
  • Run:
  • Don’t forget to restart the server.