I've been working on an over-the-board chess app where you place pins on a map to organise chess games to meet and play with other players in your area. It's called letsplaychess.app. Source: 11 months ago

IMHO the stateful opaque token approach is simple enough that it can (and often does) get baked into whatever language/framework you’re using to write your app. In addition, the very nature of session tokens is such that the logic for what the token actually means/represents lives in your app, on the server. So, that may be why we don’t see more “opaque session token” standards/libraries out there as an... - Source: Hacker News / 1 day ago

Users can signup and login via the Devise gem and create their organizations. - Source: dev.to / 22 days ago

However for smaller apps it might be an overkill. In "real-life" production systems, overengineering is one of the biggest crimes. This is true any framework and technology, so in Rails you might want to use Rodauth since it is big and interesting and challenging, but then again, if you are building a simple greenfield MVP you do not have the time or need, for a big, complex solution. In those cases Rails... - Source: dev.to / 22 days ago

Since Rails 7, there's more and more tooling that enables us, developers, to roll our own authentication. Devise is great and has been an amazing companion over the years. It also has this neat little feature - an authenticated route constraint which "hides" certain routes from people that are not signed in. - Source: dev.to / about 1 month ago

As much as this article is about user authorization, there's something important we need to cover: user authentication. Without it, any authorization policies we try to define later on will be useless. But there is no need to write authentication from scratch. Let's use Devise. - Source: dev.to / 8 months ago