Ruby on Rails Crash Course: Authentication and Authorization

Code-Along and learn to build a Web App MVP covering all aspects of Authentication and Authorization functionality.

When creating a Web application, you usually have to start with the two key elements:

What you’ll learn

  • create, edit, invite, ban, unban, delete, inivte users to your app.
  • gem devise for logging in.
  • devise confirmable – confirm email to use app.
  • devise lockable – ban / unban users.
  • manage user roles.
  • restrict user access based on roles.
  • log in with google.
  • log in with facebook.
  • log in with twitter.
  • log in with github.
  • invite users via email with devise_invitable.
  • connect Amazon SES email service for sending emails for free.
  • deploy applications to production like a PRO.
  • invisible recaptcha.

Course Content

  • Hello World. Install Ruby on Rails 6. Using Git. –> 7 lectures • 50min.
  • Basic styling. Bootstrap. Fontawesome. –> 4 lectures • 18min.
  • Advanced User Authentication (log in functionality) –> 11 lectures • 1hr 25min.
  • Log in with social accounts –> 8 lectures • 1hr 14min.
  • User Roles and Authorization (without gems!) –> 3 lectures • 26min.
  • Styling the app –> 6 lectures • 35min.
  • Inviting users via email to join our app –> 6 lectures • 45min.
  • Preparing for production –> 4 lectures • 26min.
  • PRO FEATURE – Strong params authorization –> 3 lectures • 17min.
  • Bonus features, Fixes and Adjustments –> 1 lecture • 2min.

Ruby on Rails Crash Course: Authentication and Authorization


  • Modern browser and internet connection.
  • A basic understanding of programming would be helpful, Basic knowledge of Ruby and Rails will be a plus.
  • No paid software required.

When creating a Web application, you usually have to start with the two key elements:

  • Authentication – User log in, user account management.
  • Authorization – User roles and permissions.

Code-Along and build a Web App MVP covering all aspects of Log-In, User Management, and Role-Management functionality.

Core topics covered:

  • Basic authorization via email (Devise)
  • Social log in via Google
  • Social log in via Facebook
  • Social log in via Twitter
  • Social log in via Github
  • Devise confirmable
  • Devise trackable
  • Devise lockable
  • Devise invitable – Inviting users to join the app via email
  • Banning users
  • Deleting users
  • Editing user profile
  • Managing user roles (admin, teacher, student) without any gems
  • Role-based access to different features (example: only admin can ban a user) without any gems
  • Blocking bot registrations
  • Sending transactional emails in production (Amazon SES)

By the end of the course you will have created a boilerplate, based on which you can build any business application of your dream.

This course can be interesting for Ruby on Rails developers of all levels: for beginners and for veterans.

As a beginner, you will get the whole experience of thinking and building the core lifesystem of any modern Web Application.

As a veteran, you will get acquainted with some exquisite approaches for problem-solving, and features that you could have not encountered in the past.

We are not going to cover the fundamentals of what Ruby and Rails are: there are other, more basic courses for that.

Instead, we will dive straight into coding along and building our application step-by-step, feature-by-feature.

As well all enrolled students will have access to the source code, support materials and discussion groups.

Looking forward to seeing you inside!

Get Tutorial