Does this skill require the Devise gem?

No, this skill is designed specifically to implement authentication using Rails 8's built-in features, eliminating the need for Devise or other external authentication gems.

Is this implementation secure enough for production use?

Yes, it follows official Rails 8 security patterns including bcrypt password hashing, signed HttpOnly cookies for XSS protection, and built-in rate limiting for brute-force defense.

Can I use this for Rails versions older than 8.0?

While the core concepts like has_secure_password work in older versions, this skill specifically utilizes patterns and generators introduced in Rails 8.

Does it support 'Remember Me' functionality?

The implementation uses permanent signed cookies for sessions, providing a persistent login experience similar to 'Remember Me' by default.

Rails 8 Native Authentication

Name: Rails 8 Native Authentication
Author: rbarazi

byrbarazi

0•

API Development

Implements secure, session-based authentication using Rails 8's built-in features without external dependencies.

This skill provides a complete, lightweight authentication system leveraging the native features introduced in Rails 8. It guides Claude to implement a robust user/session architecture featuring secure password hashing via bcrypt, signed HttpOnly cookies, and centralized authentication concerns. It is ideal for developers seeking a 'lean' authentication layer that avoids the overhead of gems like Devise while maintaining modern security standards such as rate limiting, request-scoped attributes, and CSRF protection.

Key Features

01Native Rails 8 authentication pattern with no external gem requirements

02Secure session management using signed, HttpOnly, and SameSite cookies

03Pre-configured User and Session model architectures with validations

04Built-in rate limiting to protect against brute-force login attempts

05Request-scoped user access using ActiveSupport::CurrentAttributes

060 GitHub stars

Use Cases

01Building a greenfield Rails 8 application with a custom, lightweight login system

02Migrating from heavy authentication gems to a native Rails implementation

03Implementing secure session-based tracking with multi-device logout capabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add rbarazi/agent-skills rails8-authentication

For use in Claude.ai and ChatGPT

Download Skill