Congratulations! You built an authentication system from scratch. What can we generalize so far?
- An authentication system is made up of sign up, log in, log out functionality.
password_digest column and
has_secure_password method are provided by bcrypt to store passwords securely.
- A session begins when a users logs in, and ends when a user logs out.
current_user method allow us to access the current user;
require_user redirects to the root of the app if there is no such user.
- Before actions act as filters. They call methods before executing controller actions.