Click here to navigate the course.

Drag the edges to resize the window.

In Projects, you can keep track of your progress as you go throught the tasks. Check each item as you complete it!

Code Editor
Web Browser

Great work so far! We've built an authentication system that lets new users sign up for the site, and lets existing users log in and out.

However, there's one problem - even after you log out, you can still access the albums page. Why does this happen? Let's look at the request/response cycle:

  1. Currently when a user visits the URL /albums, the browser first makes a request for that URL.
  2. The request hits the Rails router.
  3. The router sends the request to the Albums controller's index action regardless of whether a user is logged in.

What we want instead is for only users who are logged in to see the albums page; otherwise they should be redirected to the login page. This means that we need to check whether a user is logged in before sending her request on to the Albums controller's index action. Let's see how to do this.

report a_bug
If you see a bug or any other issue with this page, please report it here.