#Simple Authentication with Bcrypt
This tutorial is for adding authentication to a vanilla Ruby on Rails app using Bcrypt and has_secure_password.
The steps below are based on Ryan Bates's approach from Railscast #250 Authentication from Scratch (revised).
You can see the final source code here: repo. I began with a stock rails app using rails new gif_vault
##Steps
This practical is continuous from previous practical, by providing a login facility based on user accounts. Users will log in with a unique username and password, as in most commercial and community web sites. Before doing this practical you should have finished previous practical. .
###Step 1) Enter the cookbook directory of the application. we’re going to need a controller for creating users and so we’ll create a Users Controller and give it a new
rails g controller users new
In the above “rails g” is a short form for “rails generate”.
It's a collection of CSS styles and Javascript add-ons that stop your site from looking like a shitty craigslist rip off from 1996. Seriously, who wants that?
Docs: CSS, Components, Javascript
Finding the right gem, keeping it updated, and learning the syntax is a pain in the ass. Why not install Bootstrap the way you'd install new javascript libraries?
| # To enable SSL in Rails you could now simply use *force_ssl* in your | |
| # ApplicationController but there is two more things to think about: | |
| # In development our SSL webserver is running on port 3001 so we would | |
| # actually need to use *force_ssl port: 3001* but then this wouldn't | |
| # work for production. | |
| # Also there is a good chance you might not always want to use SSL in development | |
| # so it would be nice if we could just enable or disable SSL in the config. | |
| # To make all this work first copy the file *ssl_with_configured_port.rb* to | |
| # your *lib* directory. Second to enable SSL add *config.use_ssl = true* |
| # 1) Create your private key (any password will do, we remove it below) | |
| $ cd ~/.ssh | |
| $ openssl genrsa -des3 -out server.orig.key 2048 | |
| # 2) Remove the password | |
| $ openssl rsa -in server.orig.key -out server.key |
| client = Savon::Client.new do | |
| # This can be a URL also | |
| wsdl.document = "/Path/to/your.wsdl" | |
| # These are optional, only if your WSDL sucks :) | |
| wsdl.endpoint = "https://your_endpoint" | |
| wsdl.namespace = "http://your_namespace" | |
| certs = Akami::WSSE::Certs.new :cert_file => "/path/to/cert.crt", :private_key_file => "/path/to/private/key.pem", :private_key_password => "password" | |
| wsse.sign_with = Akami::WSSE::Signature.new certs |
| class TicketsController < ApplicationController | |
| respond_to? :js | |
| def index | |
| form = TicketFormValidator.new(form_params) | |
| if form.valid? | |
| @ticket = ticket_service(form.pnr_number) | |
| @pnr = form.pnr_number | |
| if @ticket.is_a? String | |
| flash.now[:error] = @ticket |
| { | |
| "request": { | |
| "airline": { | |
| "requestedCode": "PS", | |
| "fsCode": "PS" | |
| }, | |
| "flight": { | |
| "requested": "777", | |
| "interpreted": "777" | |
| }, |
| def ticket_issued | |
| case | |
| when avia? | |
| "#{user_name} выписал(а) авиабилет #{ticket_number}" | |
| when railway? | |
| "#{user_name} выписал(а) ж/д билет #{ticket_number}" | |
| when bus? | |
| "#{user_name} выписал(а) автобусный билет #{ticket_number}" | |
| end | |
| end |