Devise is a flexible authentication solution for Rails based on Warden. It:

• Is Rack based;
• Is a complete MVC solution based on Rails engines;
• Allows you to have multiple models signed in at the same time;
• Is based on a modularity concept: use only what you really need.

Capybara helps you test web applications by simulating how a real user would interact with your app.

SimpleCov is a code coverage analysis tool for Ruby

RuboCop is a Ruby static code analyzer. Out of the box it will enforce many of the guidelines outlined in the community Ruby Style Guide.

Rails Best Practice is a code metric tool to check the quality of rails codes.

Better Errors replaces the standard Rails error page with a much better and more useful error page.

If you would like to use Better Errors' advanced features (REPL, local/instance variable inspection, pretty stack frame names), you need to add the binding_ _of__caller.

Gems for dealing with money, currency conversion and realtime exchange rate.

gem "google_currency"
gem "money"

require 'money'
require 'money/bank/google_currency'

Money.default_bank = Money::Bank::GoogleCurrency.new
money = Money.new(1_00, "USD")
exchange_rate = money.exchange_to(:twd).to_d

The Spreadsheet Library is designed to read and write Spreadsheet Documents.

Chartkick help your to create beautiful Javascript charts with one line of Ruby.

Slack Notifier is a simple wrapper to send notifications to Slack webhooks.

Figaro is very simple, Heroku-friendly Rails app configuration using ENV and a single YAML file.

FriendlyId is the “Swiss Army bulldozer” of slugging and permalink plugins for ActiveRecord. It allows you to create pretty URL’s and work with human-friendly strings as if they were numeric ids for ActiveRecord models.

A Scope & Engine based, clean, powerful, customizable and sophisticated paginator for Rails 3 and 4 https://github.com/amatsuda/kaminari/wiki

ActiveModel::Serializers brings convention over configuration to your JSON generation. Here's a simple example:

class PostSerializer < ActiveModel::Serializer
  cache key: 'posts', expires_in: 3.hours
  attributes :title, :body

  has_many :comments

  url :post
end

class CommentSerializer < ActiveModel::Serializer
  attributes :name, :body

  belongs_to :post

  url [:post, :comment]
end

Jbuilder gives you a simple DSL for declaring JSON structures that beats massaging giant hash structures. This is particularly helpful when the generation process is fraught with conditionals and loops. Here's a simple example:

# app/views/message/show.json.jbuilder

json.content format_content(@message.content)
json.(@message, :created_at, :updated_at)

json.author do
  json.name @message.creator.name.familiar
  json.email_address @message.creator.email_address_with_name
  json.url url_for(@message.creator, format: :json)
end

if current_user.admin?
  json.visitors calculate_visitors(@message)
end

json.comments @message.comments, :content, :created_at

json.attachments @message.attachments do |attachment|
  json.filename attachment.filename
  json.url url_for(attachment)
end

CKEditor is a WYSIWYG text editor designed to simplify web content creation. It brings common word processing features directly to your web pages. Enhance your website experience with our community maintained editor. ckeditor.com

Carrierwave is a classier solution for file uploads for Rails, Sinatra and other Ruby web frameworks.

MiniMagick is a ruby wrapper for ImageMagick or GraphicsMagick command line.

fog is the Ruby cloud services library, top to bottom:

• Collections provide a simplified interface, making clouds easier to work with and switch between.
• Requests allow power users to get the most out of the features of each individual cloud.
• Mocks make testing and integrating a breeze.

AASM - State machines for Ruby classes (plain Ruby, Rails Active Record, Mongoid)

Validates provides collection of useful custom validators for Rails applications, including:

• EmailValidator
• UrlValidator
• SlugValidator
• MoneyValidator
• IpValidator
• AssociationLengthValidator
• AbsolutePathValidator
• UriComponentValidator
• ColorValidator
• EanValidator (EAN-8 & EAN-13)

Simple Form aims to be as flexible as possible while helping you with powerful components to create your forms. The basic goal of Simple Form is to not touch your way of defining the layout, letting you find the better design for your eyes.

omniauth-facebook

omniauth-google-oauth2

omniauth-weibo-oauth2

omniauth-twitter

The administration framework for Ruby on Rails applications. http://activeadmin.info

active_skin: Flat skin for active admin.

Use an error reporting service like Rollbar.

Also, track 400 and 500 status codes.

ActiveSupport::Notifications.subscribe "process_action.action_controller" do |name, start, finish, id, payload|
  if !payload[:status] or payload[:status].to_i >= 400
    # track it
  end
end

Use Slowpoke for request and database timeouts.

gem 'slowpoke'

Use Rack Attack to throttle and block requests.

Keep track of slow requests

ActiveSupport::Notifications.subscribe "process_action.action_controller" do |name, start, finish, id, payload|
  duration = finish - start
  if duration > 5.seconds
    # track here
  end
end

ActiveSupport::Notifications.subscribe "unpermitted_parameters.action_controller" do |name, start, finish, id, payload|
  # track here
end

PaperTrail lets you track changes to your models' data. It's good for auditing or versioning.

Soft delete: paranoia

module TrackErrors
  extend ActiveSupport::Concern

  included do
    after_validation :track_errors
  end

  def track_errors
    if errors.any?
      # track here
    end
  end
end

ActiveRecord::Base.send(:include, TrackErrors)

class ApplicationController < ActionController::Base
  def handle_unverified_request_with_tracking(*args)
    # track here

    handle_unverified_request_without_tracking(*args)
  end
  alias_method_chain :handle_unverified_request, :tracking
end

Ahoy provides a solid foundation to track visits and events in Ruby, JavaScript, and native apps.

Use Lograge.

gem 'lograge'

Add the following to config/environments/production.rb.

config.lograge.enabled = true
config.lograge.custom_options = lambda do |event|
  options = event.payload.slice(:request_id, :user_id, :visit_id)
  options[:params] = event.payload[:params].except("controller", "action")
  # if you use Searchkick
  if event.payload[:searchkick_runtime].to_f > 0
    options[:search] = event.payload[:searchkick_runtime]
  end
  options
end

Add the following to app/controllers/application_controller.rb.

def append_info_to_payload(payload)
  super
  payload[:request_id] = request.uuid
  payload[:user_id] = current_user.id if current_user
  payload[:visit_id] = ahoy.visit_id # if you use Ahoy
end

It attempt to bring sanity to Rails' noisy and unusable, unparsable and, in the context of running multiple processes and servers, unreadable default logging output

Instead of having an unparsable amount of logging output like this:

Started GET "/" for 127.0.0.1 at 2012-03-10 14:28:14 +0100
Processing by HomeController#index as HTML
  Rendered text template within layouts/application (0.0ms)
  Rendered layouts/_assets.html.erb (2.0ms)
  Rendered layouts/_top.html.erb (2.6ms)
  Rendered layouts/_about.html.erb (0.3ms)
  Rendered layouts/_google_analytics.html.erb (0.4ms)
Completed 200 OK in 79ms (Views: 78.8ms | ActiveRecord: 0.0ms)

you get a single line with all the important information, like this:

method=GET path=/jobs/833552.json format=json controller=jobs action=show status=200 duration=58.33 view=40.43 db=15.26

Use an uptime monitoring service like Pingdom or Uptime Robot.

Monitor web servers, background jobs, and scheduled tasks.

Use a performance monitoring service like New Relic, AppSignal or Skylight.

Be sure to monitor:

• requests by action - total time, count
• errors - with affected users
• queue time - X-Request-Start header
• timeouts
• 404s
• invalid authenticity token
• unpermitted parameters
• invalid form submissions

• jobs by type - total time, count
• errors

• requests by type - total time, count
• errors
• CPU usage
• space

redis-rb is a Ruby client that tries to match Redis' API one-to-one, while still providing an idiomatic interface. It features thread-safety, client-side sharding, pipelining, and an obsession for performance.

redis-objects provides a Rubyish interface to Redis, by mapping Redis data types to Ruby objects, via a thin layer over the redis gem.

• requests by type - total time, count
• errors

Use a high performance web server like Unicorn.

gem 'unicorn'

One thing we thought Unicorn missed, is killing the Unicorn workers based on the number of requests and consumed memories.

unicorn-worker-killer gem provides automatic restart of Unicorn workers based on 1) max number of requests, and 2) process memory size (RSS), without affecting any requests.

Add these lines to your config.ru.

# Unicorn self-process killer
require 'unicorn/worker_killer'

# Max requests per worker
use Unicorn::WorkerKiller::MaxRequests, 3072, 4096

# Max memory size (RSS) per worker
use Unicorn::WorkerKiller::Oom, (192*(1024**2)), (256*(1024**2))

Use SSL to protect your users. Add the following to config/environments/production.rb.

config.force_ssl = true

Fix double logging in the Rails console. Create config/initializers/log_once.rb with:

ActiveSupport::Logger.class_eval do
  def self.broadcast(logger)
    Module.new do
    end
  end
end

Whenever is a Ruby gem that provides a clear syntax for writing and deploying cron jobs. Example:

every 3.hours do
  runner "MyModel.some_process"
  rake "my:rake:task"
  command "/usr/bin/my_great_command"
end

• Redis timeout
• Elasticsearch timeout
• Background jobs
• Gemify parts

• cant_wait gem for database timeouts