Ruby on Rails: Form and Authentication (forms, user login and logout)


Form

  • The destination url
  • Whether the data is associated with a model
  • The field names
  • The field input types
  • The display name of fields

With URL:

<%= form_with url: '/login' do |form| %>
	<%= form.label :email %>
	<%= form.text_field :email %>
	<%= form.submit %>
<% end %>

With model:

<%= form_with model: @user do |form| %>
	<%= form.label :email %>
	<%= form.text_field :email %>
	<%= form.submit %>
<% end %>

Forms built with form_with model are database critical: submitted values map onto model attributes.

Certain fields need to be explicitly whitelisted (strong parameters):

params.require(:post).permit(:title, :content)

Designing forms

  1. Is the form associated with DB insertion/update?
    • If yes, form_with model
    • If not, form_with url
  2. What end point does the form POST to?
    • define the route in config/routes.rb
  3. What data is needed (field name, type, label)?

Authentication

Session: on the server, a hash-like data structure

Cookie: in the browser, passes the session id to the server-side session

Log in: obtain a cookie and create a session

Log out: ask the server to remove the cookie-session pair

session[:last_search] = "Who am I?"
session[:user] = @user
reset_session

Implementing log in

Create SessionsController

  • new method: render a login form
  • create method
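    • Check if valid login credentials were supplied
    • assign session[:user_id] to user’s id
  • destroy method: call reset_session

class SessionsController < ApplicationController
  # GET /login: render the login form
  def new
    @user = User.new
  end

  # POST /login
  def create
    @user = User.find_by(email: params[:email])
    # Assumes User#password returns a BCrypt::Password, so == compares hashes.
    # The nil check covers an unknown email.
    if @user && @user.password == params[:password]
      reset_session # drop any pre-login session before storing the id
      session[:user_id] = @user.id
      redirect_to @user
    else
      redirect_to login_path, alert: "Invalid email or password"
    end
  end

  def destroy
    reset_session
    redirect_to login_path # @user is not set in this action
  end
end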

<%= form_with url: '/login' do |form| %>
	<%= form.label :email %>
	<%= form.text_field :email %>

	<%= form.label :password %>
	<%= form.password_field :password %>

	<%= form.submit %>
<% end %>

Helper methods

class ApplicationController < ActionController::Base
  helper_method :logged_in?, :current_user
  
  def logged_in?
    session[:user_id]
  end
  
  def current_user
    @current_user ||= User.find(session[:user_id]) if logged_in?
  end
  
  def authenticate_user
    redirect_to login_path unless logged_in?
  end
end

Personalizing view

<% if logged_in? %>
	<h1> Welcome <%= current_user.name %> </h1>
<% else %>
	<h1> Please Sign Up! </h1>
<% end %>

# in controller
before_action :authenticate_user

BCrypt

https://www.rubydoc.info/gems/bcrypt-ruby/3.1.5
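
The login check from SessionsController#create as a plain-Ruby added example (not code from the original post): it handles an unknown email, compares a salted password hash in constant time, and clears the old session before storing the user id. Assumptions: the User struct, the USERS list and the Hash used as `session` stand in for the Rails model and session, and PBKDF2 from Ruby's OpenSSL standard library is swapped in for BCrypt so the block runs without gems.

```ruby
require "openssl"
require "securerandom"

# Stand-in for the Rails model (assumption): only salt and digest are stored.
User = Struct.new(:id, :email, :salt, :password_digest)

ITERATIONS = 100_000 # constructed work factor for this example

# PBKDF2-HMAC-SHA256 replaces BCrypt here so the example needs no gems.
def digest_password(password, salt)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                           length: 32, hash: "sha256")
end

def build_user(id, email, password)
  salt = SecureRandom.random_bytes(16)
  User.new(id, email, salt, digest_password(password, salt))
end

# Constructed sample data.
USERS = [build_user(1, "alice@example.com", "correct horse")].freeze
DUMMY_SALT = SecureRandom.random_bytes(16)

# Returns the user on success, nil otherwise. An unknown email still costs one
# hash computation, so response time does not reveal which emails exist.
def authenticate(email, password)
  user = USERS.find { |u| u.email == email }
  candidate = digest_password(password.to_s, user ? user.salt : DUMMY_SALT)
  return nil unless user
  OpenSSL.fixed_length_secure_compare(candidate, user.password_digest) ? user : nil
end

# Mirrors SessionsController#create; `session` is a plain Hash (assumption).
def log_in(session, params)
  user = authenticate(params[:email], params[:password])
  return false unless user
  session.clear               # stand-in for reset_session: drop pre-login state
  session[:user_id] = user.id # store only the id
  true
end
```
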
