1. Add the repository to your repository list: script/plugin source http://svn.techno-weenie.net/projects/plugins/
2. Install the plugin in your rails app: script/plugin install restful_authentication
3. Generate the user model and the session controller:script/generate authenticated user session --include-activation
   In this step, you can change the words user and session for anything you want. If you skip the --include-activation option, no code for the classical activation e-mail will be generated.
4. Edit config/routes.rb, adding the following lines:

   map.activate '/activate/:activation_code', :controller => 'users', :action => 'activate'
   map.signup '/signup', :controller => 'users', :action => 'new'
   map.login '/login', :controller => 'session', :action => 'new'
   map.logout '/logout', :controller => 'session', :action => 'destroy'

   Again, changing users and session for anything you might wanna call them.

5. Run the migration: rake db:migrate. This step is not necessary if you provide the --skip-migration option while generating the model and the controller.
6. Move the following lines from the users and session controllers, to the Application controller:

   # Be sure to include AuthenticationSystem in Application Controller instead
   include AuthenticatedSystem

7. You\’re done!

Some things to be said: First, it is nice (and even encouraging) to hack around the generated code and see what is happening. For some people (maybe many), some concepts are new, and the reading process might prove itself very interesting.
Second, since this is a standard way of authenticate users, it may be very easy for crackers to hack into your app, so look around and change anything you might want.

This is a summary of the restful_authentication railscast. Watch the original if you can.