Using the request/response cycle as a guide, here's how authentication fits in:
- When a user visits the signup page, the browser makes an HTTP GET request for the URL
- The Rails router maps the URL
/signup to the Users controller's
new action. The
new action handles the request and passes it on to the view.
- The view displays the signup form.
- When the user fills in and submits the form, the browser sends the data via an HTTP POST request to the app.
- The router maps the request to the Users controller's
create action saves the data to the database and redirects to the albums page. The action also creates a new session.
What is a session? A session is a connection between the user's computer and the server running the Rails app. A session starts when a user logs in, and ends when the user logs out.