https://github.com/ricardo-benicio/rails-template
Production-ready Rails 8.1 template with Devise + JWT auth, Admin Dashboard, REST API, Swagger docs, rate limiting, soft delete, and modern tooling. Clone and build.
https://github.com/ricardo-benicio/rails-template
api devise docker hotwire jwt postgresql rails ruby tailwindcss template
Last synced: 5 months ago
JSON representation
Production-ready Rails 8.1 template with Devise + JWT auth, Admin Dashboard, REST API, Swagger docs, rate limiting, soft delete, and modern tooling. Clone and build.
- Host: GitHub
- URL: https://github.com/ricardo-benicio/rails-template
- Owner: ricardo-benicio
- Created: 2026-01-23T18:37:45.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2026-01-23T19:01:23.000Z (5 months ago)
- Last Synced: 2026-01-24T08:57:58.869Z (5 months ago)
- Topics: api, devise, docker, hotwire, jwt, postgresql, rails, ruby, tailwindcss, template
- Language: Ruby
- Size: 119 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Rails Template
A production-ready Rails 8.1 template with authentication, API, admin dashboard, and modern tooling — ready to clone and build on.
## Stack
| Layer | Technology |
|-------|-----------|
| Backend | Rails 8.1, Ruby 3.3, PostgreSQL |
| Frontend | Hotwire (Turbo + Stimulus), Tailwind CSS v4 |
| Auth | Devise + JWT |
| Admin | Administrate |
| Jobs | Sidekiq + Redis |
| API Docs | Swagger/OpenAPI (rswag) |
| Deploy | Kamal, Docker |
| Tests | RSpec, Factory Bot, SimpleCov |
| Monitoring | AppSignal |
## Features
- **Authentication** — Devise with JWT for APIs, email confirmation, password recovery, account lockout
- **Role-based Access** — User, Manager, Admin roles with protected routes
- **REST API v1** — Versioned, paginated, rate-limited, documented
- **Admin Dashboard** — Full CRUD for user management at `/admin`
- **Soft Delete** — Discard gem with reusable concern
- **Rate Limiting** — Rack Attack protecting login, signup, and API endpoints
- **API Documentation** — Swagger UI at `/api-docs`
- **i18n** — English and Brazilian Portuguese
## Getting Started
### Prerequisites
- Ruby 3.3.6
- PostgreSQL 16 (or Docker)
- Redis (optional, for Sidekiq)
### Setup
```bash
# Clone and install dependencies
git clone && cd rails-template
bundle install
# Start PostgreSQL (Docker)
docker run --name postgres-dev \
-e POSTGRES_USER=postgres \
-e POSTGRES_PASSWORD=postgres \
-p 5432:5432 -d postgres:16
# Configure environment
cp .env.example .env
# Edit .env with your values (POSTGRES_PASSWORD=postgres)
# Create database and seed
bin/rails db:create db:migrate db:seed
# Start the server
bin/dev
```
Open http://localhost:3000
### Test Credentials
| Role | Email | Password |
|------|-------|----------|
| Admin | admin@example.com | password123 |
| Manager | bob@example.com | password123 |
| User | john@example.com | password123 |
## API Endpoints
```
POST /api/v1/auth/sign_in # Login (returns JWT)
DELETE /api/v1/auth/sign_out # Logout
POST /api/v1/auth/sign_up # Register
POST /api/v1/auth/password # Password reset
GET /api/v1/users/me # Current user profile
PATCH /api/v1/users/me # Update profile
```
Authentication via `Authorization: Bearer ` header.
Full documentation available at `/api-docs`.
## Key URLs
| Path | Description |
|------|-------------|
| `/` | Landing page |
| `/admin` | Admin dashboard (admin only) |
| `/api-docs` | Swagger API docs |
| `/sidekiq` | Job monitoring (admin only) |
| `/up` | Health check |
## Commands
```bash
bin/dev # Start development server
bin/rspec # Run test suite
bin/rails db:seed # Seed database
bin/rails rswag:specs:swaggerize # Generate Swagger docs
bin/rubocop # Lint code
bin/brakeman # Security scan
```
## Project Structure
```
app/
├── controllers/
│ ├── admin/ # Administrate controllers
│ ├── api/v1/ # API controllers (auth, users)
│ └── home_controller # Landing page
├── models/
│ ├── user.rb # Devise + JWT + Discard
│ └── concerns/ # Reusable concerns (Discardable)
├── blueprints/ # API serializers (Blueprinter)
├── dashboards/ # Administrate dashboards
└── views/ # ERB templates (Tailwind)
config/
├── routes.rb # All routes (web, API, admin)
├── initializers/ # Devise, CORS, Rack Attack, rswag
└── locales/ # i18n (en, pt-BR)
```
## Security
- JWT token revocation
- Rate limiting on auth endpoints
- Account lockout after 5 failed attempts
- CORS configuration
- Content Security Policy
- SQL injection protection
- Fail2Ban for suspicious requests
## Deployment
Configured for [Kamal](https://kamal-deploy.org/):
```bash
bin/kamal setup # First deploy
bin/kamal deploy # Subsequent deploys
```
## License
MIT