February 16, 2026

In 2025, at Rails g authentication from Kaigi on Rails 2025, developer Shinichi Maeshima presented an insightful talk on Rails 8’s new rails g authentication generator and its implications for how we build authentication in Rails apps.

Rails has long given developers the building blocks for authentication — has_secure_password, session cookies, and controller concerns — but until Rails 8, there was no canonical, built-in scaffold for tying them all together. That gap led many teams to rely on external gems like Devise.

Rails 8 changes that with an official generator that produces a sane, secure, and convention-based authentication system right out of the box. Let’s dive into what it generates, why it matters, and when you might prefer Devise or other solutions.

👉 Read the full article.

https://rubystacknews.com/2026/02/16/rails-8-authentication-why-the-new-built-in-generator-matters-and-what-it-means-for-devise/