github.com/leesmith/decent_authentication ↗

About leesmith/decent_authentication

Decent Authentication is a Rails sample application that demonstrates how to build user authentication directly into a Rails app without relying on third-party gems or generators. Rather than using established authentication libraries, this project shows the fundamentals of rolling your own authentication system, with a focus on understanding the core concepts involved.

The application includes practical authentication features such as user sign-in with account enabling controls, password reset functionality via email, and the ability to redirect users to protected routes after successful login. It implements several security defaults including password requirements of at least 8 alphanumeric characters, password reset tokens that expire after 2 hours, and session cookies that automatically expire after 30 minutes of inactivity.

The project is intended as an educational resource for developers who want to understand how authentication works under the hood rather than treating it as a black box. A working demo is available online, and the repository includes setup instructions, a test suite, and code examples to help others learn from or adapt the implementation.