Securial is a mountable Rails engine that provides robust, extensible authentication and access control for Rails applications. It supports:

• 🔑 JWT-based authentication
• ↪️ API session tokens, with refresh tokens
• 🤳 Simple integration with web and mobile apps
• 🧹 Clean, JSON-based API responses
• 🧍 User management with roles
• 🫙 Database-agnostic support

Securial was built to offer a clean, modular, and API-first authentication system for Rails developers who want full control without the black-box complexity. Whether you're building for the web, mobile, or both, Securial gives you the flexibility to implement exactly what you need — from simple JWT authentication to more advanced setups involving sessions, API tokens, and role-based access.

It follows familiar Rails conventions, stays lightweight and database-agnostic, and keeps security at the core. With fully customizable controllers, serializers, and logic, Securial is designed to grow with your project — making it an ideal choice for everything from side projects to production-grade APIs.

Securial can be installed on an existing Rails application or use the securial new app_name command to create a new Securial-ready Rails app.

Add Securial to an existing Rails app is as simple as 1..2..3:

• Add gem "securial" to your GemFile

• Run bundle install

• Run rails generate securial:install

• Mount the Securial engine in your Rails application config/routes.rb file:

  Rails.application.routes.draw do
    mount Securial::Engine => "/securial"
  
    # The rest of your routes
  end

• Run the migrations by running the command: rails db:migrate

💡 Full installation steps are available in the Wiki › Installation.

Securial generates an initializer with sensible defaults and full control over logging, mailers, session settings, and roles.

For all configuration options and examples, refer to the Wiki › Configuration

After installation and mounting, Securial exposes endpoints like:

• GET /securial/status — Check service availability
• POST /securial/sessions — Sign in (JWT or session)
• DELETE /securial/sessions — Sign out
• GET /securial/accounts/cool_username — Get a user profile by username
• GET /securial/admins/roles — View roles

Securial returns consistent JSON API responses.

Full details, including authentication flows and protected routes, are available in the Wiki › Authentication module docs.

Securial is organized into modular components including:

• Authentication
• User Management
• Generators
• Identity concern
• Configuration

Explore all modules in the Wiki.

• Clone the repo on your computer
• Run bundle install
• Start coding right away 🏃‍♂️

To run the test suite:

$ bin/test

View the coverage report:

$ open coverage/index.html

Bug reports and pull requests are welcome on GitHub at https://github.com/alybadawy/securial.

1. Fork the repo
2. Create your feature branch (git checkout -b my-feature)
3. Commit your changes (git commit -am 'Add my feature')
4. Push to the branch (git push origin my-feature)
5. Open a Pull Request

The gem is available as open source under the terms of the MIT license.