Authentication in RailsAdmin with SimplestAuth

See how I added administration and authentication to Opower's new website using RailsAdmin and SimplestAuth, all before lunch.

In the course of building Opower’s new website we needed to provide management functionality around the many different types of content in the system. While Typus is a great solution and one that we’ve used before, I had heard really great things about RailsAdmin.

Next, we knew that we would only have a handful of people managing the site content, and all would have the same level of access. Given this, and the speed with which we needed to move in development to support the beautiful design and the detailed work of the buildout, our authentication of administrators needed to be simple.

Enter, SimplestAuth

Having originally created SimplestAuth for exactly this purpose it was an easy decision pulling it into the project. However, the question remained, “how will this work in RailsAdmin?” As it turns out, perfectly. This is a testament to both the clarity of SimplestAuth, and the brilliant simplicity of the authentication and authorization hooks in RailsAdmin.

By default, RailsAdmin will use Devise for authentication if it’s added to the Gemfile before rails_admin. Since we don’t need it, we just leave it out.

Putting it All Together

Inside the config/initializers/rails_admin.rb:

RailsAdmin.authenticate_with {} # leave it to authorize RailsAdmin.authorize_with {authorized? || access_denied} # login required RailsAdmin.current_user_method {current_user} 

Three lines, that’s all it takes!

Now, granted, with SimplestAuth you’ll have to write a simple controller for admins to log in. Examples can be found in the SimplestAuth Readme. In addition, I would suggest namespacing this controller under /admin as this is the path where the rest of RailsAdmin routes. Finally, on successful login, I would suggest redirect_to rails_admin_dashboard_url as a reasonable place to go.

The Details

In order to get the RailsAdmin fields to show the attr_accessors for password and password_confirmation that are required to register new administrators we have to detect the field crypted_password and add the appropriate fields. We can do so by adding these lines to config/initializers/rails_admin.rb:

if defined?(::SimplestAuth) RailsAdmin::Config::Fields.register_factory do |parent, properties, fields| if :crypted_password == properties[:name] fields << RailsAdmin::Config::Fields::Types.load(:password).new(parent, :password, properties) fields.last.label "Password" fields << RailsAdmin::Config::Fields::Types.load(:password).new(parent, :password_confirmation, properties) fields.last.instance_eval do label "Password confirmation" help "Retype password" end true else false end end end 

And lastly, we want the administrator to be able to see their name or email, edit it, and log out from the admin. RailsAdmin makes this part easy, with the use of partials. We can create a new partial in app/views/rails_admin/main/_user_info.html.erb that looks something like this:

<% if current_user = _current_user %> <div class="user_info"> <ul> <li> <strong><%= link_to current_user.email, rails_admin_edit_url(:user, current_user) %></strong> </li> <li class="desc"> <%= link_to t("admin.credentials.log_out"), destroy_session_path(current_user) %> </li> </ul> </div> <% end %> 

And with that we have a new working admin and the authentication we wanted, before lunch.