[kayodelycaon]

The majority of hoops jumped through in the article are entirely of the writer’s own making. They changed the default CSS pipeline and added functionality Rails deliberately does not define.

Devise is common for user authentication (and good choice, in my opinion) but it is extremely opinionated and does not like you departing from the blessed path.

Rails tends to avoid enforcing patterns beyond the base building blocks of MVC. User authentication is out of scope. (Turbo links is strongly opinionated but also very limited and very easy to remove.)

[tolien]

My point about Devise was more “if you’re not using auth, why have you included this?”. I think Rails should probably have a Devise-lite in the box, though.

This sounds like the second of my options i.e. gl;hf when the next major Rails release comes around.

[blacktriangle]

Rails choosing not to provide a standard auth solution is 100% the right call. There are a wide variety of auth scenarios, and Devise is highly opinionated. If you're doing a pretty standard B2C type system where you have individual users, Devise fits well, but when you get to more B2B multi tenant with users spanning tenants, and more complicated workflows with users managing other users, Devise breaks down quickly.