Programming
Juan Pablo Balarini • 20 OCT 2022
Our favorite Ruby on Rails gems that will take your apps to the next level
Ruby on Rails —or RoR, for friends— is an MVC web application framework that is known for its power to ease the entire development process. More than 6% of the top 10k websites with most traffic use Ruby on Rails. One of the reasons people love it so much is that you can move really fast by using gems.
What is a Ruby on Rails gem?
Gems are libraries packed with specific functionalities that avoid having to reinvent the wheel every time they need to add a new requirement. Created in RubyConf 2004 by influential contributors such as Jim Weirich, Chad Fowler, Richard Kilmer, David Alan Black, and Paul Brannan, RubyGems is the de-facto package manager for Ruby, providing a standardized way to distribute Ruby libraries and programs in a format referred to as a 'gem'. It also provides a command-line interface, also called 'gem', which allows the developer to install and manage these Ruby libraries. Rubygems.org serves as the Ruby community’s gem hosting service, where users can download gems.
Although private gem repositories are an option, the most commonly used method for managing gems is through the open, public repository. As of Ruby version 1.9, a standard Ruby package comes pre-bundled with RubyGems, making it easier than ever to integrate these gems into your development workflow.
Whether you're looking to provide basic functionality like user authentication or more complex functionality like payment processing or adding an administrator portal, the Rails ecosystem has a gem for practically any purpose. In this article, we’ll discuss the best Rails gems you can use in 2023. These RoR gems will help you reduce the time spent coding and even speed up time-to-market.
1. Devise: turning authentication into an easy-peasy job
A friendly piece of advice: If you’re just getting started with Ruby on Rails, we recommend you to better get into this framework before using Devise, because having a good knowledge of RoR is a must. So, if you’re an RoR beginner, it’d be better if you start with a simple authentication system from scratch.
If you’re already into Ruby on Rails, then you’re ready to meet one of its best-in-class gems. Devise is really popular for simplifying the entire authentication process. In order to do so, this gem uses pre-defined controllers, routes, and views. Devise includes +20 modules—such as Registrable, Confirmable, Trackable, and Recoverable; we’ll talk about them soon—.
Just in case you haven’t considered using an authentication process in your app yet, think about this situation: imagine you’re developing an e-commerce app. You’ll need to enable the User to log in and out, right? Well, Devise can do that and more for you. This gem can do the work with the controllers that are key for user creation and sessions.
We talked about its modules a little bit, and let’s dig into some of them—modules 1 to 6 are enabled by default—:
1) Database Authenticable: this is related to password hashing and storing in the database.
2) Recoverable: this module enables users to recover their password using an email by adding the “Forgot my password” well-known link.
3) Registerable: takes care of the entire registration process.
4) Rememberable: with this module users will be able to choose if they want the device to remember their account or not by saying so in the “Remember me” checkbox. For this to be possible, the module creates a token and stores a user session with a saved cookie.
5) Trackable: user IP addresses, timestamps, last sign-in, and sign-in count can be tracked with this module.
6) Validatable: email addresses and passwords are validated by using built-in Devise validations.
7) Omniauthable: this enables users to log in via third-party providers such as Google and Facebook.
8) Confirmable: if the user doesn’t confirm their account via email, this module disables access to it.
9) Timeoutable: after a certain amount of time, this module will log a user out of his account.
10) Lockable: this module has the power to lock an account after, for example, a certain number of failed log-in attempts.
2. CanCanCan: they can access here only if you say so
Need to restrict access to resources? This is our fav library to do so. With CanCanCan you can allow or deny resource access to certain users. It’s really helpful not only for simple apps but for those that have complex levels of user permissions.
CanCanCan has the power to help you restrict certain features and functions to users that, for instance, meet the characteristics you’ve decided. By relying on CanCanCan you can create roles and permissions. This doesn’t mean only to make sure that their experience is based on your specific target but also that security is improved.
CanCanCan builds an Ability class to define permissions that are stored in one single location. Those permissions can be defined in one or several Ability files. This gem consists mainly in:
1) Authorizations library: so you can define the requirements needed to access certain resources and get help to check the permissions.
2) Rails helpers: this will empower you to automate permissions of models loading and checking, and reduce duplicated code. This means that code will be simplified in Rails Controllers.
3. Active Admin: CEO of RoR development
The Admin section is a pretty common module in the app world. For RoR apps, we have the Active Admin gem, which we think is one of the best admins that exist for Rails. You can set up and run an admin site in just a couple of minutes, saving you hours and even days of the hard work that means building internal dashboards. Active Admin gives you the backend help you need. This is extra helpful for RoR business applications.
We’re not alone in this Active Admin fandom because this gem has been downloaded over 15 million times. This plugin paves the way for creating administration-style interfaces by working with common business application patterns to ease interface implementation.
When choosing Active Admin, developers will enjoy admin panel creation with little or even no effort needed. To install it, they just need to add this to their Gemfile:
# Gemfile
gem 'activeadmin'
4. Sidekiq: behind-the-scenes key helper
Although there are some alternatives to do the job—we’ll talk about them in a while—, this is our fav one. Sidekiq can help with background tasks like processing payments, housekeeping activities, and sending emails in the background.
This processing tool is one of the most popular Ruby-based job frameworks. Actually, according to the 2022 Ruby on Rails community survey, this thread-based gem represents the majority of deployments when it comes to job processors.
Sidekiq uses Redis, a library known for its flexibility and performance, as a job management store. Plus, this gem processes the jobs in a multi-threaded process so it can take care of many jobs at the same time and in the same process. Its multithreading ability boosts speed and makes the whole background processing faster and easier.
In terms of speed, on Sidekiq’s website, you’ll find that it’s 20x faster than other options. That advantage is also real when we talk about efficiency. Sidekiq's most known competitors are:
- Delayed Job: this uses a SQL database for storage and processes jobs in a single-threaded process. While it’s pretty easy to set up, its performance and scalability aren’t that good. In this case, easy doesn’t mean efficient. Quite the opposite of what happens with Sidekiq.
- Resque: this one uses Redis for storage just like Sidekiq. The difference is that the process is a single-threaded one so processing like 30 jobs at the same time requires 30 processes, and, therefore, more memory.
So, although there are other options to solve the same issue, Sidekiq is our fav one mainly because of its multithreaded power.
5. RSpec: Pass your tests smoothly
RSpec is the gem that’s gonna help you write unit test cases with clear syntax. Its clear syntax is what enables you to write unit tests as close to human language as possible. Plus, RSpec unlocks more efficiency in testing libraries or model behavior. This gem is easy to use and execute, you just have to install the config files or spec helpers.
This Rails plugin is especially when you’re writing unit test cases in behavior-driven development—better known as BDD—or TDD—also known as test-driven development—environments. You can test from both plan Ruby to full-on Rails apps. Remember that both BDD and TDD have this mantra: first, write your tests, then write code to make the tests pass. RSpec is more than verifying your application code with scripts, it’s about full explanations that say specifically how the app has to behave, all the explanations are in plain English.
Knowing exactly how to make the most of RSpec is key for developers keen on taking their careers to the next level. RSpec is a widely known and one of the foundational testing libraries within the Rails community. Why? Because this gem empowers you to: work with an automated model, view, controller, and feature specs; make full use of outside testing services, so you achieve the development phase without any surprises, ensuring that your app passes all tests; and integrate different testing libraries.
With that being said, maybe now you realize how important it is to have this gem up your sleeve.
6. Pry: a fumigator for your code
This is our fav debugger so far. You won’t have to worry about finding that nasty bug in your code if you’re using Pry. This meta plugin or library helps developers when, for instance, they need to get rid of the problem of binding gems from different libraries.
Pry strives to deliver REPL-driven programming to the Ruby language. It’s more than an Interactive Ruby—a.k.a IRB—replacement. Pry can offer different features that aim to lay a step-by-step foundation for implementing code debugging and setting specific breakpoints.
Our fav 10 features are:
1) Syntax highlighting
2) Source code browsing
3) Ability to view and replay history
4) Command shell integration and convenience commands inspired by advanced REPLs
5) Open methods in editors
6) Live help system
7) Enjoying lots of plugins that enable actions like remote sessions and full debugging
8) Runtime invocation, you can use Pry as a debugger or as a developer console
9) Navigation around state
10) Exotic object support
Those are just some of the advanced Pry’s features that make us wanna include it in our must-have RoR gems list.
7. Mixing gems to create a best-in-class solution for your RoR app
Combining Reek, Rubocop, rails_best_practices, and Brakeman is our recipe to reduce problems like errors, issues in your coding style, and security concerns. For us, this is another must-have for every professional RoR developer.
Each tool delivers a unique value to this recipe. Let’s explore briefly how they work:
- Reek: checks for Code Smells on your Ruby code, it inspects Ruby classes, modules, and methods. By doing so, this tool can identify signs of deeper problems in your app design. Plus, Reek can help you put an eye on those parts of the code you weren’t paying full attention to.
- Rubocop: This is a Ruby code analyzer and code formatting tool that analyzes code quality in Rails development. If there’s any style issue, it will be reported to erase any chance of breaking the Ruby code writing style. You don’t need to watch this tool to make sure it does its work. Besides reporting problems, Rubocop can fix simple issues, like line breaks and syntax highlighting, by itself. Since it's a pretty flexible tool, if you need to, you can change certain aspects of its behavior to meet your specific needs.
- rails_best_practices: This one also checks the quality of Rails code. rails_best_practices is actually a code metric tool that supports ORM/ODMs like activerecord, mongoid, and mongomapper. It’s important to note that this tool only supports Ruby 1.9.3 or newer.
- Brakeman: The last tool of our recipe is an analysis that focuses on security issues. It’s mainly a security scanner for RoR apps but what makes it unique is that it works with the source code of your app so you don’t have to set up your entire app stack to make full use of it. Some other benefits that come with this security scanner are: you just have to run it after installing it, no setup is required; you can run it no matter what stage of development you’re in; it delivers better coverage of an app including for those pages that aren’t live yet; and it’s faster than other scanners. One limitation? It can give you false positives.
Now you’re all set to try these gems yourself in your RoR app. Of course, these are just some of them. Ruby on Rails has one of the most collaborative communities: there are many more gems and resources that can help Software Development Companies on their Ruby on Rails journey.
If you want to explore more about RoR, we have everything you need in our blog.