Authentication in Rails From Scratch

User Authentication - password-protected action

Karim El Husseiny is going to show how to implement a simple user authentication system in a Rails application from scratch. Along the way, he’ll examine best practices to help avoid common – and costly – mistakes. Password-protected actions are a common feature in most web applications. You’ll only allow users with a valid username and password to access these actions. This is referred to as “User Authentication,” which most Rails applications will require in some form or another.


  • Signup - To begin, Karim El Husseiny will create a new user in the database. He’ll need to obtain the username, password (which will be encrypted in the database), email address, and other miscellaneous details from the author.
  • Login - The user will be able to log in with his or her username and password. Authentication takes place by matching the supplied credentials against what is stored in the database. If the credentials don’t match, the user should be redirected to the login page.
  • Access Restriction - After login, he’ll create a session to hold the authenticated user’s ID. This way, additional protected actions can be guarded simply by checking the userID in the session.
  • Logout - Finally, the logout process, in which he sets the authenticated userID in the session file to nil.
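
The four steps above, sketched in plain Ruby as an added example (this is not code from Karim El Husseiny's article). It assumes an in-memory `USERS` hash in place of the database, a plain Hash in place of the Rails session, stdlib PBKDF2 standing in for bcrypt, and an 8-character minimum password length; the method names are illustrative.

```ruby
require "openssl"
require "securerandom"

USERS = {} # constructed in-memory stand-in for the users table

# PBKDF2 from Ruby's stdlib keeps this gem-free; a Rails app would normally
# get bcrypt through has_secure_password instead.
def derive_hash(password, salt)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: 100_000,
                           length: 32, hash: "sha256")
end

# Signup: keep a random per-user salt and the derived hash, never the password.
def signup(username, password, email)
  return nil if USERS.key?(username) || password.to_s.length < 8 # assumed minimum
  salt = SecureRandom.random_bytes(16)
  USERS[username] = { id: USERS.size + 1, email: email, salt: salt,
                      hash: derive_hash(password, salt) }
  USERS[username][:id]
end

# Login: recompute and compare in constant time. Unknown usernames still cost
# one derivation, so timing does not reveal which accounts exist.
def login(session, username, password)
  user = USERS[username]
  salt = user ? user[:salt] : "\0" * 16
  expected = user ? user[:hash] : "\0" * 32
  candidate = derive_hash(password.to_s, salt)
  ok = OpenSSL.fixed_length_secure_compare(candidate, expected) && !user.nil?
  session[:user_id] = user[:id] if ok # a Rails controller would call reset_session first
  ok
end

# Access restriction: the check a before_action would run on protected actions.
def protected_action(session)
  session[:user_id] ? :ok : :redirect_to_login
end

# Logout: clear the authenticated user ID from the session.
def logout(session)
  session[:user_id] = nil
end
```

In a Rails controller, calling `reset_session` at login and logout issues a fresh session ID, which closes off session fixation.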
