Authentication
Lesson 1 of 1
  1. 1
    Authentication
    Many web apps let users sign up for a new account and log in and out of their accounts. Together, signing up, logging in and logging out make up an authentication system. Let’s create an authentic…
    Start
  2. 2
    User model
    Using the request/response cycle as a guide, here’s how authentication fits in: Turn one: 1. When a user visits the signup page, the browser makes an HTTP GET request for the URL /signup. 2…
    Start
  3. 3
    User migration
    What did we just do? 1. We created a model named User. 2. In the model, we used the method has_secure_password. This method adds functionality to save passwords securely. 3. In order to save passw…
    Start
  4. 4
    Signup I
    Nice work! You’ve added columns to the users table and ran a migration to update the database. What’s the password_digest column for? When a user submits their password, it’s not a good idea to st…
    Start
  5. 5
    Signup II
    Great! When you visit the URL /signup, the browser makes a GET request for the URL. This request hits the Users controller’s new action, which returns a view displaying the signup page.
    Start
  6. 6
    Users
    Nice job! Now when you fill in the signup form and submit it, the data is sent to the Rails app via a POST request. The request hits the User controller’s create action. The create action saves the…
    Start
  7. 7
    Login I
    Now that users can sign up for a new account, let’s add the ability to log in and log out of the app. Using the request/response cycle as a guide again, here’s how logging in and logging out fits i…
    Start
  8. 8
    Login II
    Well done! 1. When you visit the URL /login, the browser makes a GET request for the URL. This request hits the Sessions controller’s new action, which returns a view displaying the login page. 2…
    Start
  9. 9
    Logout
    Nice job! Now when you fill in the login form and submit it, the data is sent to the Rails app via a POST request. The request hits the Sessions controller’s create action. The create action checks…
    Start
  10. 10
    current_user
    Great work so far! We’ve built an authentication system that lets new users sign up for the site, and lets existing users log in and out. However, there’s one problem - even after you log out, you…
    Start
  11. 11
    Filters
    How do these methods work? 1. The current_user method determines whether a user is logged in or logged out. It does this by checking whether there’s a user in the database with a given session id….
    Start
  12. 12
    Generalizations
    Congratulations! You built an authentication system from scratch. What can we generalize so far? * An authentication system is made up of sign up, log in, log out functionality. * The password_dig…
    Start

What you'll create

Portfolio projects that showcase your new skills

How you'll master it

Stress-test your knowledge with quizzes that help commit syntax to memory