

Essential Tools for Starting a Rails App in 2013 - zrail
http://www.petekeen.net/essential-tools-for-starting-a-rails-app-in-2013

======
rubiquity
I view Devise, CanCan and SimpleForm as unnecessary gems these days. Rails has
better facilities for all the things those three gems provide. If you take a
little time to create your own login or auth system you'll be much better off
than inheriting the bloat that gems like CanCan and Devise add to your code
base.

I could flip a coin on whether SimpleForm is still useful or not. I tend to
find myself fighting with its method signatures so I don't really like it.

All in all, Rails has grown since these gems were created. Use the new
facilities that Rails provides as well as some OO design to solve problems.
It's much better than including fat gems like the three I mention above into
your code base.

~~~
aantix
So you're better off rolling your own auth gem vs utilizing a popular gem
that's been baked in thousands of production environments?

I agree that Devise is heavy and hard to extend but when we're considering
such a fundamental like auth, you have to have a pretty good reason to deviate
from the time tested popular choices.

Maybe you can write a lighter auth class, but can you write a more secure auth
class? If devise has a vulnerability, there are tons of other sites out there
"watching your back" and could report the vulnerability. If you roll your own,
how are you going to aggressively audit its security?

~~~
rubiquity
I think you're overstating the security value that Devise gives you. It's
hardly more than Rails gives you out of the box. After all, Devise is for
Rails and written in Ruby.

~~~
aantix
I think you're underestimating the power of utilizing a community built
library.

------
colszowka
Some additions:

* The better_errors/meta_request/binding_of_caller combo for error pages with in-browser REPL and for Rails Panel chrome dev tools tab

* foreman for launching processes

* pry as a debugging tool

* lograge/quiet_assets for cleaner log files

As the project author, I will not include simplecov here, but I would normally
drop that in there too ;)

~~~
zrail
That first one is pretty neat. Here's a RailsCast I found about it:
[http://railscasts.com/episodes/402-better-errors-
railspanel?...](http://railscasts.com/episodes/402-better-errors-
railspanel?view=asciicast). Foreman is something I use every day and I didn't
even think to include it, thanks.

------
WestCoastJustin
Anyone interested in learning more about Devise [1], Breakman [2], Simple Form
[3], or Sidekiq [4], should check out RailsCasts [5]. Ryan Bates, who runs
RailsCasts, has screencast episodes on all of these. With 400+ episodes, if
you have an idea, he has most likely done a tutorial that will walk you
through the implementation, this is invaluable for everyone from newbie to
experienced, in that it will likely save you lots of time.

ps. Using Michael Hartl's Ruby on Rails Tutorial [6], and Ryan Bates's
RailsCasts, I was able to go from _zero_ knowledge about rails, to
implementing CRUD apps [7] in a couple weeks. As a side note, I things these
two resources show the power of internet/distance learning.

[1] [http://railscasts.com/episodes/209-devise-
revised](http://railscasts.com/episodes/209-devise-revised)

[2]
[http://railscasts.com/episodes/358-brakeman](http://railscasts.com/episodes/358-brakeman)

[3] [http://railscasts.com/episodes/234-simple-form-
revised](http://railscasts.com/episodes/234-simple-form-revised)

[4]
[http://railscasts.com/episodes/366-sidekiq](http://railscasts.com/episodes/366-sidekiq)

[5] [http://railscasts.com/](http://railscasts.com/)

[6] [http://ruby.railstutorial.org/](http://ruby.railstutorial.org/)

[7]
[http://en.wikipedia.org/wiki/Create,_read,_update_and_delete](http://en.wikipedia.org/wiki/Create,_read,_update_and_delete)

------
willbill
I might add the pry gem to that list. It has a pretty robust community around
it and it can help when debugging hairy code.

------
purephase
I echo some of the sentiment that some of these gems provide, but they are
quite helpful in getting a quick project up and running in a few minutes to
start playing around.

Some of my favorites:

figaro[1] Alternative to dotenv, awesome mascot.

rack-mini-profiler[2] Often folks will say to save performance tuning until
the end. I find having this around from the get go makes it much easier to do
as you move along.

I love sidekiq though. Probably the best on the list. Background queues are
essential to most, if not all Rails applications. The goworker post from today
looks interesting too.

[1]
[https://github.com/laserlemon/figaro](https://github.com/laserlemon/figaro)

[2] [https://github.com/MiniProfiler/rack-mini-
profiler](https://github.com/MiniProfiler/rack-mini-profiler)

------
vially
I was looking for a dotenv alternative for the shell (fish preferably) but I
couldn't find any so I wrote my own [1]. Does anyone know any alternatives?

[1] - [https://github.com/vially/fish-
config/blob/master/modules/au...](https://github.com/vially/fish-
config/blob/master/modules/autoenv/autoenv.fish)

------
evilduck
Peek and its various plugins are pretty nice in development. Let's you easily
see what and where your slow points are as you click around the site.

[https://github.com/peek/peek](https://github.com/peek/peek)

------
riffraff
My personal additions:

* CanCan for authorization (it also integrates nicely with devise)

* webmock for testing (because sooner or later I always end up with some slow network call in tests)

~~~
janus
I've grown to like Authority more than Cancan. It does 'less' magic but it's
way more declarative and allows you to be really explicit on what you want to
check.

------
benbruscella
* capistrano for deployments

* exception_notification for email notifications

* state_machine for, well, state machines

* pg_search for simple postgresql searching

* premailer-rails for html emails

* whenever for cron jobs

* backup for a backup dsl, useful with whenever

~~~
tilsammans
Interesting to see backup mentioned. I've used it in the past, but kind of
forgot about it. It's super useful. The documentation tells you to not put it
into Gemfile, but it seems like you really should. Do you?

------
aaronbrethorst
Haml because writing HTML sucks.

Bcrypt-ruby and the built in auth stuff because I find Devise too inflexible.

strip_attributes to clean up user inputs

VCR to speed up tests involving 3rd party services

foreman to control processes and automatically support dotenv.

------
andrew_wc_brown
I purchased the Payment Gateway book and regretted it. The only essential tool
I see on the list is Sidekiq and the rest is just bloat.

~~~
michaelbuckbee
I really liked Pete's book - to the point, and let me get going quickly.

I think it can be hard to accurately judge the value of something as focused
as a book that is so specifically targeted.

In particular, I feel like the book gets you to a complete end to end
Rails+Stripe.js system much much faster than I could have cobbling everything
together myself.

------
instakill
I use 1 of those. Essential is a bit of a stretch.

