Skip to Main Content
Professional Ruby on Rails™
book

Professional Ruby on Rails™

by Noel Rappin
February 2008
Intermediate to advanced content levelIntermediate to advanced
479 pages
14h
English
Wrox
Content preview from Professional Ruby on Rails™

3.5. Authentication

Now that you're creating new users and storing their passwords securely, the next step is to allow the user to log in. This involves setting up two new actions in the user controller — login and logout — and setting up partial views to display the login form and logout link.

3.5.1. The Routes

Because you are adding new actions to the RESTful user controller, the place to start is in the routes.rb file. Change the entry for users to this:

map.resources :users, :new => {:login => :post},
    :member => {:logout => :get}

This line adds a new action for login, which operates on a new or unsaved user object, and another action for logout, which operates on a single existing user object. The login action is a POST, because data is being sent to the server, and logout is a GET, which I suppose is arguable but seemed the best choice because no additional data besides the user ID is being sent to the server.

The most commonly used RESTful plugin for authentication, called restful_authentication, does this a bit differently. It creates a Sessions controller where the login method is Sessions#create and logout is Sessions#delete. There's certainly value in maintaining REST consistency, but there's not a whole lot of practical difference between the two designs, unless you have other uses for a Sessions controller.

3.5.2. The Tests

The user tests for password management have already been written. Here are the controller tests for successful login, unsuccessful login, and ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ruby on Rails® Bible

Ruby on Rails® Bible

Timothy Fisher
Rails 4 in Action

Rails 4 in Action

Yehuda Katz, Rebecca Skinner, Stephen Klabnik, Ryan Bigg

Publisher Resources

ISBN: 9780470223888Purchase book