Now that users can sign up for a new account, let's add the ability to log in and log out of the app. Using the request/response cycle as a guide again, here's how logging in and logging out fits in.
- When the user visit the login page, the browser makes a GET request for the URL
- The Rails router maps the URL
/login to the Sessions controller's
new action. The
new action handles the request and passes it on to the view.
- The view displays the login form.
- When the user fills in and submits the form, the browser sends the data via a POST request to the app.
- The router maps the request to the Sessions controller's
create action verifies that the user exists in the database. If the user exists, the
create action logs the user in by creating a new session. Otherwise, it reloads the login page.