baothi/_form.html.erb

## _form.html.erb
<%= form_for(@user) do |f| %>
    <% if @user.errors.any? %>
        <div id="error_explanation">
          <h2>
            <%= pluralize(@user.errors.count, "error") %>
            prohibited this user from being saved:
          </h2>
          <ul>
            <% @user.errors.full_messages.each do |msg| %>
            <li><%= msg %></li>
            <% end %>
          </ul>
        </div>
    <% end %>

    <div class="field">
      <%= f.label :email %><br />
      <%= f.text_field :email %>
    </div>
    <div class="field">
      <%= f.label :password %><br/>
      <%= f.password_field :password %>
    </div>
    <div class="field">
      <%= f.label :password_confirmation %><br/>
      <%= f.password_field :password_confirmation %>
    </div>
    <div class="actions">
      <%= f.submit %>
    </div>
<% end %>

## edit.html.erb
<h1>Editing user</h1>
<%= render 'form' %>
<%= link_to 'Back', articles_path %>

## new.html.erb
<h1>New User</h1>
<%= render 'form' %>
<%= link_to 'Back', articles_path %>

## routes.rb
Rails.application.routes.draw do
  root :to => "articles#index"
  resources :articles do
    resources :comments
  end
  resources :users
  resources :session, :only => [:new, :create, :destroy]
   get '/login' => "sessions#new", :as => "login"
  # get '/logout' => "Sessions#destroy", :as => "logout"
end

## user.rb
require 'digest'
class User < ActiveRecord::Base
  validates_uniqueness_of :email
  validates_length_of :email, :within => 5..50
  validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
  validates_confirmation_of :password
  validates_length_of :password, :within => 4..20
  validates_presence_of :password, :if => :password_required?
  has_one :profile
  has_many :articles, -> {order('published_at DESC, title ASC')},
           :dependent => :nullify
  has_many :replies, :through => :articles, :source => :comments
  before_save :encrypt_new_password
  #protected_attributes  :password
  attr_accessor :password
  def self.authenticate(email, password)
    user = find_by_email(email)
    return user if user && user.authenticated?(password)
  end
  def authenticated?(password)
    self.hashed_password == encrypt(password)
  end

  protected
  def encrypt_new_password
    return if password.blank?
    self.hashed_password = encrypt(password)
  end
  def password_required?
    hashed_password.blank? || password_required?
  end
  def encrypt(string)
    Digest :: SHA1.hexdigest(string)
  end
end

## users_controller.rb
class UsersController < ApplicationController
  before_action :set_user, only:[:show, :edit, :update, :destroy]

  def new
    @user = User.new
  end

  def create
    @user = User.new(user_params[:user])
    if @user.save
      redirect_to articles_path, notice: 'User successfully added'
    else
      render action: :new
    end
  end

  def edit

  end

  def update
    if @user.update(user_params)
      redirect_to articles_path, notice: 'Updated user information successfully'
    else
      render action: 'edit'
    end
  end

  private
  def set_user
    @user = User.find(params[:id])
  end

  def user_params
    params.require(:user).permit(:email, :password, :password_confirmation)
  end

end
	<%= form_for(@user) do \|f\| %>
	<% if @user.errors.any? %>
	<div id="error_explanation">
	<h2>
	<%= pluralize(@user.errors.count, "error") %>
	prohibited this user from being saved:
	</h2>
	<ul>
	<% @user.errors.full_messages.each do \|msg\| %>
	<li><%= msg %></li>
	<% end %>
	</ul>
	</div>
	<% end %>

	<div class="field">
	<%= f.label :email %><br />
	<%= f.text_field :email %>
	</div>
	<div class="field">
	<%= f.label :password %><br/>
	<%= f.password_field :password %>
	</div>
	<div class="field">
	<%= f.label :password_confirmation %><br/>
	<%= f.password_field :password_confirmation %>
	</div>
	<div class="actions">
	<%= f.submit %>
	</div>
	<% end %>
	<h1>Editing user</h1>
	<%= render 'form' %>
	<%= link_to 'Back', articles_path %>
	<h1>New User</h1>
	<%= render 'form' %>
	<%= link_to 'Back', articles_path %>
	Rails.application.routes.draw do
	root :to => "articles#index"
	resources :articles do
	resources :comments
	end
	resources :users
	resources :session, :only => [:new, :create, :destroy]
	get '/login' => "sessions#new", :as => "login"
	# get '/logout' => "Sessions#destroy", :as => "logout"
	end
	require 'digest'
	class User < ActiveRecord::Base
	validates_uniqueness_of :email
	validates_length_of :email, :within => 5..50
	validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
	validates_confirmation_of :password
	validates_length_of :password, :within => 4..20
	validates_presence_of :password, :if => :password_required?
	has_one :profile
	has_many :articles, -> {order('published_at DESC, title ASC')},
	:dependent => :nullify
	has_many :replies, :through => :articles, :source => :comments
	before_save :encrypt_new_password
	#protected_attributes :password
	attr_accessor :password
	def self.authenticate(email, password)
	user = find_by_email(email)
	return user if user && user.authenticated?(password)
	end
	def authenticated?(password)
	self.hashed_password == encrypt(password)
	end

	protected
	def encrypt_new_password
	return if password.blank?
	self.hashed_password = encrypt(password)
	end
	def password_required?
	hashed_password.blank? \|\| password_required?
	end
	def encrypt(string)
	Digest :: SHA1.hexdigest(string)
	end
	end
	class UsersController < ApplicationController
	before_action :set_user, only:[:show, :edit, :update, :destroy]

	def new
	@user = User.new
	end

	def create
	@user = User.new(user_params[:user])
	if @user.save
	redirect_to articles_path, notice: 'User successfully added'
	else
	render action: :new
	end
	end

	def edit

	end

	def update
	if @user.update(user_params)
	redirect_to articles_path, notice: 'Updated user information successfully'
	else
	render action: 'edit'
	end
	end

	private
	def set_user
	@user = User.find(params[:id])
	end

	def user_params
	params.require(:user).permit(:email, :password, :password_confirmation)
	end

	end