15.2 Iteration J2: Authenticating Users 14.3 Playtime
Scaffold the user model
rails generate scaffold User name:string password:digest
invoke active_record
create db/migrate/20171113154727_create_users.rb
create app/models/user.rb
invoke test_unit
create test/models/user_test.rb
create test/fixtures/users.yml
invoke resource_route
route resources :users
invoke scaffold_controller
create app/controllers/users_controller.rb
invoke erb
create app/views/users
create app/views/users/index.html.erb
create app/views/users/edit.html.erb
create app/views/users/show.html.erb
create app/views/users/new.html.erb
create app/views/users/_form.html.erb
invoke test_unit
create test/controllers/users_controller_test.rb
create test/system/users_test.rb
invoke helper
create app/helpers/users_helper.rb
invoke test_unit
invoke jbuilder
create app/views/users/index.json.jbuilder
create app/views/users/show.json.jbuilder
create app/views/users/_user.json.jbuilder
invoke assets
invoke coffee
create app/assets/javascripts/users.coffee
invoke scss
create app/assets/stylesheets/users.scss
invoke scss
identical app/assets/stylesheets/scaffolds.scss
uncomment out bcrypt
edit Gemfile
# Use ActiveModel has_secure_password
gem 'bcrypt', '~> 3.1.7'
Run the migration
rails db:migrate
mv 20171113154727_create_users.rb 20171113000009_create_users.rb
== 20171113000009 CreateUsers: migrating ======================================
-- create_table(:users)
-> 0.0006s
== 20171113000009 CreateUsers: migrated (0.0006s) =============================
wrap the flash in an if statement
edit app/views/users/index.html.erb
<% if notice %>
<aside class="notice"><%= notice %></aside>
<% end %>
<h1>Users</h1>
<table>
<thead>
<tr>
<th>Name</th>
<th colspan="3"></th>
</tr>
</thead>
<tbody>
<% @users.each do |user| %>
<tr>
<td><%= user.name %></td>
<td><%= link_to 'Show', user %></td>
<td><%= link_to 'Edit', edit_user_path(user) %></td>
<td><%= link_to 'Destroy', user, method: :delete, data: { confirm: 'Are you sure?' } %></td>
</tr>
<% end %>
</tbody>
</table>
<br>
<%= link_to 'New User', new_user_path %>
Add validation, has_secure_password
edit app/models/user.rb
class User < ApplicationRecord
validates :name, presence: true, uniqueness: true
has_secure_password
end
Avoid redirect after create, update operations
edit app/controllers/users_controller.rb
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to users_url,
notice: "User #{@user.name} was successfully created." }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors,
status: :unprocessable_entity }
end
end
end
edit app/controllers/users_controller.rb
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to users_url,
notice: "User #{@user.name} was successfully updated." }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors,
status: :unprocessable_entity }
end
end
end
Display users sorted by name
edit app/controllers/users_controller.rb
def index
@users = User.order(:name)
end
Update form used to both create and update users
edit app/views/users/_form.html.erb
<div class="depot_form">
<%= form_with(model: user, local: true) do |form| %>
<% if user.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(user.errors.count, "error") %>
prohibited this user from being saved:</h2>
<ul>
<% user.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<h2>Enter User Details</h2>
<div class="field">
<%= form.label :name, 'Name:' %>
<%= form.text_field :name, id: :user_name, size: 40 %>
</div>
<div class="field">
<%= form.label :password, 'Password:' %>
<%= form.password_field :password, id: :user_password, size: 40 %>
</div>
<div class="field">
<%= form.label :password_confirmation, 'Confirm:' %>
<%= form.password_field :password_confirmation,
id: :user_password_confirmation,
size: 40 %>
</div>
<div class="actions">
<%= form.submit %>
</div>
<% end %>
</div>
get /users/new
Demonstrate creating a new user
get /users
| Name | |||
|---|---|---|---|
get /users/new
post /users
get http://localhost:3000/users
Show how this is stored in the database
sqlite3> select * from users
id = 1
name = dave
password_digest = $2a$10$MgjT7PsxfMqP5jlkkF5Deu9yULpcZK.MoSSaSiwl.0/5h3AdJVXCO
created_at = 2017-11-13 15:47:38.581236
updated_at = 2017-11-13 15:47:38.581236
Update tests to reflect the changes in redirection and uniqueness
edit test/controllers/users_controller_test.rb
test "should create user" do
assert_difference('User.count') do
post users_url, params: { user: { name: 'sam',
password: 'secret', password_confirmation: 'secret' } }
end
assert_redirected_to users_url
end
edit test/controllers/users_controller_test.rb
test "should create user" do
assert_difference('User.count') do
post users_url, params: { user: { name: 'sam',
password: 'secret', password_confirmation: 'secret' } }
end
assert_redirected_to users_url
end
Make sure that all test names are unique
edit test/fixtures/users.yml
# Read about fixtures at
# http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
one:
name: dave
password_digest: <%= BCrypt::Password.create('secret') %>
two:
name: susannah
password_digest: <%= BCrypt::Password.create('secret') %>
rails test
Run options: --seed 50854
# Running:
................................................
Finished in 1.594256s, 30.1081 runs/s, 61.4707 assertions/s.
48 runs, 98 assertions, 0 failures, 0 errors, 0 skips