How to use Lato Users

lato_users adds a user management section to a Lato admin panel. Use it when the application needs admins to create users, edit user data, manage invitations, and handle account verification from the back office.

Installation

Add Lato Users to the application Gemfile:

gem "lato"
gem "lato_users"

Install the engine and run migrations:

bundle
rails lato_users:install:application
rails lato_users:install:migrations
rails db:migrate

Mount the engine in config/routes.rb:

Rails.application.routes.draw do
  mount LatoUsers::Engine => "/lato-users"

  # ...
end

Import styles in app/assets/stylesheets/application.scss:

@import "lato_users/application";

Import JavaScript in app/javascript/application.js:

import "lato_users/application"

Permissions

Users must be logged into Lato and must have Lato Users admin permission enabled. Grant permission from application seeds or from an existing admin account.

user = Lato::User.find_by(email: "admin@example.com")
user.update!(lato_users_admin: true)

What admins can do

• View all application users.
• Create new users.
• Edit user email, name, password, and available Lato admin permissions.
• Verify or revoke email verification.
• Send a new verification email.
• Generate a new password for a user.
• Delete users when allowed by the application data constraints.
• Create and delete invitations.

Recommended setup

Create at least one administrator in seeds and enable lato_users_admin. This guarantees access to the user management panel after first deployment.

admin = Lato::User.find_or_create_by!(email: "admin@example.com") do |user|
  user.first_name = "Admin"
  user.last_name = "User"
  user.password = "Password1!"
  user.password_confirmation = "Password1!"
  user.email_verified_at = Time.current
end

admin.update!(lato_users_admin: true)

Invitations

Use invitations when users should not self-register. Admins can create invitations from the Lato Users panel. Invited people receive an email and complete account creation from the invitation link.