@holyketzer
Created September 18, 2013 10:11
Has secure password
# CRUD endpoints for User accounts (HTML and JSON).
#
# NOTE(review): this class declares no authentication or authorization
# filter of its own. Unless ApplicationController (not shown here) adds
# one, every action below, including create, update and destroy, is
# reachable by any client.
class UsersController < ApplicationController
  # Load @user for every action that addresses a single record.
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  # GET /users
  # GET /users.json
  #
  # Lists all users ordered by name.
  def index
    @users = User.order(:name)
  end

  # GET /users/1
  # GET /users/1.json
  #
  # @user is provided by set_user; rendering is left to the view.
  # NOTE(review): the JSON view is not shown; confirm it does not
  # serialise password_digest.
  def show
  end

  # GET /users/new
  #
  # Builds an unsaved User for the form.
  def new
    @user = User.new
  end

  # GET /users/1/edit
  #
  # @user is provided by set_user.
  def edit
  end

  # POST /users
  # POST /users.json
  #
  # Creates a user from the whitelisted parameters. On success the HTML
  # client is redirected to the index with a notice and the JSON client
  # gets 201 with the 'show' rendering; on failure the form is
  # re-rendered, or the validation errors are returned with 422.
  def create
    @user = User.new(user_params)
    saved = @user.save

    respond_to do |wants|
      if saved
        wants.html do
          redirect_to users_url, notice: "User #{@user.name} was successfully created."
        end
        wants.json { render action: 'show', status: :created, location: @user }
      else
        wants.html { render action: 'new' }
        wants.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  #
  # Updates the user loaded by set_user from the whitelisted parameters.
  # NOTE(review): the record is chosen by params[:id] alone and the
  # password can be replaced without supplying the current one; no
  # ownership check is visible in this class.
  def update
    updated = @user.update(user_params)

    respond_to do |wants|
      if updated
        wants.html do
          redirect_to users_url, notice: "User #{@user.name} was successfully updated."
        end
        wants.json { head :no_content }
      else
        wants.html { render action: 'edit' }
        wants.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.json
  #
  # Deletes the user loaded by set_user, then redirects (HTML) or
  # answers 204 (JSON). Nothing here prevents removing the last account.
  def destroy
    @user.destroy

    respond_to do |wants|
      wants.html { redirect_to users_url }
      wants.json { head :no_content }
    end
  end

  private

  # Shared lookup for the member actions; User.find raises when the id
  # does not match a row.
  def set_user
    @user = User.find(params[:id])
  end

  # Strong-parameters whitelist: only these three keys of params[:user]
  # reach mass assignment, so a client cannot set password_digest or any
  # other column directly.
  def user_params
    allowed = [:name, :password, :password_confirmation]
    params.require(:user).permit(*allowed)
  end
end
# Login account. Stores a name and a bcrypt password hash.
class User < ActiveRecord::Base
  # A name is mandatory.
  validates :name, presence: true
  # Uniqueness is checked by a query before the write, so two concurrent
  # requests can both pass it; a unique index on users.name is what makes
  # the guarantee hold at the database level.
  validates :name, uniqueness: true

  # Adds the virtual password / password_confirmation attributes and
  # #authenticate, and keeps only the hash in password_digest.
  # NOTE(review): no length or strength validation on the password is
  # declared in this class.
  has_secure_password
end
<%# User form. form_for(@user) submits to create for a new record and to update for a saved one. %>
<%# NOTE(review): Rails adds the CSRF authenticity token to this form only when forgery protection is enabled; ApplicationController is not shown, so confirm. %>
<div class="depot_form">
<%= form_for(@user) do |f| %>
<%# Validation failures from the last submit; each message goes through <%= and is HTML-escaped on output. %>
<% if @user.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
<ul>
<% @user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<fieldset>
<legend>Enter User Details</legend>
<div class="field">
<%= f.label :name, 'Name: ' %><br>
<%= f.text_field :name, size: 40 %>
</div>
<%# password_field renders type="password" and does not write a previously submitted value back into the page. %>
<%# The password travels in the request body, so this form should only be served over HTTPS. %>
<div class="field">
<%= f.label :password, 'Password: ' %><br>
<%= f.password_field :password, size: 40 %>
</div>
<%# Confirmation is compared with :password by has_secure_password on the model. This wrapper has no class="field", unlike the two above. %>
<div>
<%= f.label :password_confirmation, 'Confirm: ' %><br>
<%= f.password_field :password_confirmation, size: 40 %>
</div>
<div class="actions">
<%= f.submit %>
</div>
</fieldset>
<% end %>
</div>
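# Creates the users table that backs the User model.
class CreateUsers < ActiveRecord::Migration
  # Reversible: rolling back drops the index and the table.
  def change
    create_table :users do |t|
      # The model validates presence of name; NOT NULL enforces it for
      # writes that bypass validations as well.
      t.string :name, null: false
      # bcrypt hash written by has_secure_password; an account row without
      # a digest could never authenticate, so reject it at the schema level.
      t.string :password_digest, null: false
      t.timestamps
    end

    # The model's uniqueness validation is a check-then-insert and can be
    # raced by concurrent sign-ups; the unique index is the real guarantee
    # that two accounts never share a login name.
    add_index :users, :name, unique: true
  end
end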
# Use ActiveModel has_secure_password
# bcrypt-ruby supplies the bcrypt hashing that has_secure_password uses for password_digest.
# NOTE(review): '~> 3.0.0' allows only 3.0.x releases, and the gem was later
# renamed to 'bcrypt'; check which name and version the Rails release in use
# expects before changing this line.
gem 'bcrypt-ruby', '~> 3.0.0'