eargollo / soccer


Add authentication and authorization #10

Open eargollo opened 11 months ago

eargollo commented 11 months ago
This may be an opportunity to set up some authorized routes in Rails. That is, you can create user logins for authentication, and then authorize only `admin` users to create simulations, for example. Or allow anyone to create, but only admins can destroy. Or allow anyone to create, but they can only see the simulations they have created, whereas admins can see all.

This would give you an opportunity to look into Authorization gems and Authentication gems.

For Authentication, Devise is very popular, and is built on Warden. I'd imagine JWT is more popular these days, as well, or the Auth0 gem. I'd recommend Devise since that's what most Rails developers have worked with, probably.

For authorization, I think Pundit is by far the best and is used in a few places at Shopify. But CanCanCan is also used at Shopify a bit.

_Originally posted by @csalvato in https://github.com/eargollo/soccer/pull/7#discussion_r1379101366_
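
The rules suggested above, written as a policy object in the shape Pundit uses (a `user`, a `record`, predicate methods and a nested `Scope`). This is an added example, not part of the original issue or the repository's code. It assumes "anyone" means any signed-in user, that `Simulation` has a `user_id` owner column and `User` an `admin` flag (both hypothetical), and it uses plain structs and arrays instead of loading the gem or ActiveRecord.

```ruby
# Stand-in models (hypothetical attributes; the real app would use ActiveRecord).
User = Struct.new(:id, :admin, keyword_init: true) do
  def admin?
    admin == true
  end
end
Simulation = Struct.new(:id, :user_id, keyword_init: true)

class SimulationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    @user = user
    @record = record
  end

  # Any signed-in user may create; a missing user is denied (fail closed).
  def create?
    !user.nil?
  end

  # Owners see their own simulations; admins see all of them.
  def show?
    !user.nil? && (user.admin? || record.user_id == user.id)
  end

  # Only admins may destroy, even when the caller owns the record.
  def destroy?
    !user.nil? && user.admin?
  end

  # Narrows a collection to what the user may list (index action).
  class Scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      return [] if @user.nil?
      return @scope if @user.admin?
      @scope.select { |sim| sim.user_id == @user.id }
    end
  end
end

# Constructed sample data: one admin, one regular user, two simulations.
ADMIN = User.new(id: 1, admin: true)
ALICE = User.new(id: 2, admin: false)
SIMS = [Simulation.new(id: 10, user_id: 2), Simulation.new(id: 11, user_id: 1)]
```

With the Pundit gem installed, a controller would call `authorize @simulation` and `policy_scope(Simulation)`, and `resolve` would return an ActiveRecord relation rather than an array.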