Integration Guide for Ruby

This guide assumes you’ve created a Realm and have configured LoginRocket with your app’s URL. If those steps still need to be done, see the Quickstart Guide (or the Full Start Guide if that process is somehow half-complete).

This is the Ruby version of this guide. There is also a Rails Integration Guide which covers our streamlined Rails integration. If you want to use Rails without that streamlined integration, then this is the best guide to follow.

If you’re not using Ruby, see the standard Integration Guide.

Get your API credentials

The Quickstart should have left you at the Integration page showing your Secret API key and JWT secret. If you’re not there now, go to Realm -> Integration.

Keep this page open–you’ll need the information here when configuring API access.

Install the authrocket gem

The authrocket Ruby gem works with both Rails and plain Ruby. Our examples below are mostly geared toward Rails, but can be easily adapted for other frameworks like Sinatra.

Start by adding the gem to your Gemfile:

gem 'authrocket'

Then run bundle.

Configuring the gem

Using environment variables

Often the simplest way to configure the authrocket gem is to use environment variables. If you are using a hosting environment, such as Heroku, that handles environment variables for you, this is super easy.

Set these variables using the information on the Integration page.


# skip these 2 if using multiple realms

# this is the LoginRocket URL

If using foreman for development, simply add the above to your .env.

Be careful: recent versions of foreman no longer handle end-of-line comments or whitespace around the =.

Basic apps usually use only a single realm. For them, it’s convenient to set a global realm ID and JWT secret. However, if your app will use two or more realms, we strongly discourage setting a global realm ID or JWT secret. Instead, send the proper realm ID with each API request.

Using an initializer or other code

You may also use an initializer or any other method you prefer. Here’s how to set the API credentials directly:

AuthRocket::Api.credentials = {
  api_key: 'ko_SAMPLE',
  url: '',
  realm: 'rl_SAMPLE',
  jwt_secret: 'jsk_SAMPLE',
  loginrocket_url: ''

Store your API credentials in a file that’s ignored by git (or equivalent). Storing them directly in a code file is discouraged.

Add a login controller

Create a new controller to handle inbound logins:

$ rails g controller logins

Update logins_controller.rb to look like this:

class LoginsController < ApplicationController

  skip_before_action :require_user

  def login
    if params[:token]
      if AuthRocket::Session.from_token(params[:token])
        session[:ar_token] = params[:token]
    unless require_user
      redirect_to root_path

  def logout
    session[:ar_token] = nil
    redirect_to root_path, notice: 'You have been logged out.'


Update the application controller

Next let’s update application_controller.rb:

before_action :require_user

def require_user
  unless current_user
    redirect_to ar_login_url

def current_user
  @_current_user ||= AuthRocket::Session.from_token(session[:ar_token]).try(:user)
helper_method :current_user

def ar_login_url
helper_method :ar_login_url

Now add the necessary routes to your routes.rb:

get 'login' => 'logins#login'
get 'logout' => 'logins#logout'

Update your views

At this point, you’re ready to process logins. All that’s left is to use them!

Add something like this to your application.html.erb layout:

<% if current_user %>
    Welcome, <%= %>! [<%= link_to 'Logout', logout_path %>]
<% end %>

Requiring logins for access

To require a valid login, simply add this to the top of any controller:

before_action :require_user

Like any other use of before_action, you can limit it to specific actions:

before_action :require_user, except: [:index]

Complete example

We’ve made a complete example Rails app available on GitHub. It covers everything above plus a few other pieces to tie everything together.

What’s next

Logins should now be working with your app.

If you enabled signups via LoginRocket, those are now working too. When a new user registers, we create their user profile and then log them in. No extra code required!

From here we suggest the following:

Questions? Find a Typo? Get in touch.