Authenticating admin users

Authentication is left for you to implement after you install Administrate into your app. It's expected that you can plugin your existing authentication system.

The base Admin::ApplicationController has a TODO to be completed:

class Admin::ApplicationController < Administrate::ApplicationController
  before_action :authenticate_admin

  def authenticate_admin
    # TODO Add authentication logic here.
  end
end

Using Clearance

Clearance provides Rails authentication with email & password.

class Admin::ApplicationController < Administrate::ApplicationController
  include Clearance::Controller
  before_action :require_login
end

Using Devise

Devise is an authentication solution for Rails with Warden. Include the authentication method for your model as a before_action:

class Admin::ApplicationController < Administrate::ApplicationController
  before_action :authenticate_user!
end

Using HTTP Basic authentication

Rails includes the http_basic_authenticate_with method which can be added to your base admin controller:

class Admin::ApplicationController < Administrate::ApplicationController
  http_basic_authenticate_with(
    name: ENV.fetch("ADMIN_NAME"),
    password: ENV.fetch("ADMIN_PASSWORD")
  )
end

With this approach consider using dotenv to setup your environment and avoid committing secrets in your repository.

Administrate

Documentation

Authenticating admin users

Using Clearance

Using Devise

Using HTTP Basic authentication