rails - authentication, authorization and auditing confusion

I am trying to decide on an AAA plugin/s but there seems to be so many of them! and a lot of the posts seem quite old, 07/08.

I saw goldberg but it seems like the site is down...

my app needs login,logout and forgotten passwords and needs to be able to restrict a user based on controllers/methods(role based).

On the auditing side I need to be able to log when a user edits/creates data.

Solution

you can start looking at Devise for authentication, and CanCan for simple authorization.

for logging, don't know if there are any plugins, but you easily can write some observer.

How can I disable Hotwire / Turbo (the Turbolinks replacement) for all forms in a Rails application?
RSpec Stubbing out Date.today in order to test a method
How to specify a prefix when uploading to S3 using activestorage's direct upload?
Duration between two dates in Ruby (Rails)
CMS for ecommerce website in rails
Ruby gsub capturing groups
Can I switch to Amazon S3 later in Rails 7 after using local storage?
Rails 7/StimulusJS relative import: working on dev, but not production
Rails: ActiveSupport::MessageEncryptor::InvalidMessage
How can I unlock my gemfile so I can access the rails server?
What do I pass to schema_migration in ActiveRecord::MigrationContext#new
How do I stop Routing Errors errors from causing all sorts of warning?
Where do you put your Rack middleware files and requires?
How to prevent the <p> tag from wrapping around my input with tinymce in Rails?
Clickable Table Rows in Ruby on Rails
How to determine if one array contains all elements of another array
Adding page-specific CSS to Rails Asset Pipeline
Rails 7.1, log to STDOUT and log/production.log
Add custom fields to object in ROR application
Hit web endpoints behind Devise authentication with non-browser request in a Rails app
How to revert/undo local changes to an Activerecord object?
Disabling GraphQL introspection requests on production
carrierwave png thumbnails from svg upload
When rails app create database and collection when using MongoDb?
Sidekiq sending jobs to test queue instead of developement queue
rails assert_difference without specific difference value
How best to propogate an `admin` status to children using Rails and Ancestry
Rails minitest + authlogic cannot authenticate
How does bundler work (in general)?
`belongs_to` and `before_create` order in Rails