Last active
August 29, 2015 14:08
Rails authentication using bcrypt
<h2>Sign up</h2>
<%= form_for @user do |f| %>
  <% if @user.errors.any? %>
    <div id="error_explanation">
      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
      <ul>
        <% @user.errors.full_messages.each do |msg| %>
          <li><%= msg %></li>
        <% end %>
      </ul>
    </div>
  <% end %>
  <%= f.text_field :username, placeholder: 'User Name' %>
  <%= f.password_field :password, placeholder: 'Password' %>
  <%= f.password_field :password_confirmation, placeholder: 'Confirm Password' %>
  <%= f.text_field :first_name, placeholder: 'First Name' %>
  <%= f.text_field :last_name, placeholder: 'Last Name' %>
  <%= f.text_field :email, placeholder: 'Email' %>
  <%= f.text_field :location, placeholder: 'Location' %>
  <%= f.submit "Sign Up", class: "button" %>
<% end %>
<h2>Log In</h2>
<%= form_tag login_path do %>
  <%= text_field_tag :username, nil, placeholder: 'User Name' %>
  <%= password_field_tag :password, nil, placeholder: 'Password' %>
  <%= submit_tag "Log In", class: "button" %>
<% end %>

...
<% if current_user %>
  <div>Welcome back, <%= current_user.username %></div>
  <%= link_to "Log Out", logout_path, method: :delete, class: "button" %>
<% end %>
<% flash.each do |name, message| %>
  <div class="<%= name %>"><%= message %></div>
<% end %>
...

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  # Access methods in views (erb)
  helper_method :current_user

  # Returns the logged-in user, or nil. find_by returns nil when the id in the
  # session no longer matches a row, where User.find would raise
  # ActiveRecord::RecordNotFound. The result is memoized per request.
  def current_user
    return nil unless session[:current_user_id]
    @current_user ||= User.find_by(id: session[:current_user_id])
  end
end

<%= render 'form' %>

Rails.application.routes.draw do
  root 'welcome#index'
  post "/login" => "sessions#create"
  delete "/logout" => "sessions#destroy"
  resources :users
end

class SessionsController < ApplicationController
  def new
    # my login form
  end

  def create
    @user = User.find_by(username: params[:username])
    # One message for both failure cases, so the response does not reveal
    # which usernames exist.
    if @user && @user.authenticate(params[:password])
      # Start a new session on login so a session id issued before login is
      # not carried over (session fixation).
      reset_session
      session[:current_user_id] = @user.id
      # redirect_to only takes :notice, :alert and :flash unless
      # add_flash_types :success is declared, so :success goes through flash:.
      redirect_to root_url, flash: { success: "You are logged in. Welcome!" }
    else
      flash[:error] = "Username or password is incorrect, try again."
      redirect_to users_path
    end
  end

  def destroy
    # Drop the whole session, not only the user id.
    reset_session
    redirect_to users_path, flash: { success: "You are logged out. See you later!" }
  end
end
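
class User < ActiveRecord::Base
  # Needs the bcrypt gem and a password_digest column on users; adds the
  # password / password_confirmation attributes and the #authenticate method.
  has_secure_password
end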
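
What `has_secure_password` and the login check in `SessionsController#create` rely on, as an added plain-Ruby example that is not part of the gist: a salted slow hash, a constant-time comparison, and a single failure result for unknown user and wrong password. PBKDF2 from Ruby's standard library stands in for bcrypt so it runs without gems; `USERS`, `DUMMY_DIGEST`, the digest layout and all method names are constructed for the illustration.

```ruby
require "openssl"
require "securerandom"

ITERATIONS = 50_000 # constructed work factor for this demo
KEY_LEN = 32

# Slow, salted hash of the password, hex encoded (PBKDF2 in place of bcrypt).
def kdf(password, salt, iterations)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                           length: KEY_LEN, hash: "sha256").unpack1("H*")
end

# Digest layout (constructed for this demo): "iterations$salt$hash_hex".
# A fresh random salt per password makes equal passwords store differently.
def make_digest(password, salt = SecureRandom.hex(16))
  [ITERATIONS, salt, kdf(password, salt, ITERATIONS)].join("$")
end

# Compare without stopping at the first differing byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def password_matches?(digest, password)
  iterations, salt, expected = digest.split("$")
  constant_time_equal?(kdf(password, salt, iterations.to_i), expected)
end

# Constructed user store (username => digest) and a throwaway digest that is
# checked when the username is unknown, so both failures cost one KDF run.
USERS = { "alice" => make_digest("correct horse") }.freeze
DUMMY_DIGEST = make_digest(SecureRandom.hex(16))

# Returns the username on success and nil on any failure; the caller cannot
# tell "no such user" from "wrong password".
def login(username, password)
  return nil if password.nil? || password.empty?
  digest = USERS.fetch(username, DUMMY_DIGEST)
  matched = password_matches?(digest, password)
  matched && USERS.key?(username) ? username : nil
end
```

In the Rails app the same shape is `User.find_by(...)` followed by `authenticate`, with the controller showing one flash message for every failed login.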