This is the Rails 3 sample_app from Michael Hartl's book, Ruby on Rails 3 Tutorial. I have been using Devise for authentication on many projects, but I wanted to learn how to do authentication in Rails 3 from scratch so here I am. Whenever I do a tutorial, I like to keep a record of important terminal commands to reference in future projects, and I usually use part of the README file for this purpose.
- Note: Uses haml instead of erb.
- $ rails new sample_app -T
- $ cd sample_app/
- $ m .
- $ bundle install
-
$ rails generate rspec:install
-
$ rm public/index.html
-
$ git checkout -b static-pages
-
$ rails g controller Pages home contact
-
forgot to add haml-rails, and haml: Add to Gemfile: gem 'haml', '3.0.21' gem 'haml-rails', '0.3.1'
-
$ bundle install While the book uses Webrick, I will use unicorn and run tail in another terminal
Start unicorn server:
- $ unicorn_rails
- $ tail -f log/development.log
Add gem 'spork' to Gemfile:
- $ bundle install
- $ spork --bootstrap
Before Spork: [ markusarike@macbook ~/Documents/rails3/sample_app ]$ time rspec spec/ ..
Finished in 0.10247 seconds 2 examples, 0 failures
real 0m9.002s user 0m7.588s sys 0m1.329s
- $ spork => Using RSpec => Loading Spork.prefork block... => Spork is ready and listening on 8989!
In another terminal window:
- $ time rspec --drb spec/ ..
Finished in 0.23222 seconds 2 examples, 0 failures
real 0m6.521s user 0m0.858s sys 0m0.278s
Add to .rspec file in RAILS_ROOT directory: --colour --drb
- Removed spork from testing stack as tests that should pass are failing, unless I restart.
Add Blueprint CSS framework:
$ cp -r ~/Downloads/joshuaclayton-blueprint-css-5d113e9/blueprint public/stylesheets
Skip Ruby review and move to chapter 5
Implement the erb layout in haml using the convention of naming partials as filename.haml instead of filename.html.haml
Add footer CSS
- split layout up using partials
Integration Tests:
$ rails g integration_test layout_links
- $ rails g controller Users new
- $ rm -rf spec/views
- $ rm -rf spec/helpers
-
$ rails g model User name:string email:string
-
$ rake db:migrate
Skip bundle install as annotate is already in Gemfile
-
$ annotate
-
Note: attr_accessible is important for preventing a mass assignment vulnerability, a distressingly common and often serious security hole in many Rails applications.
$ rails generate migration add_password_to_users encrypted_password:string
before_save callback
encrypt methods in User model
- Implement password system with "secure one-way hashing"
- Authenticating users will involve comparing the encrypted version of a submitted password to the (encrypted) password of a given user.
see page 254 for password hashing
- $ rails console --sandbox
require 'digest' def secure_hash(string) Digest::SHA2.hexdigest(string) end
password = "secret" salt = secure_hash("#{Time.now.utc}--#{password}") => "49e59abeeba784cb1543ba51b48c6c6cc19cfb793a8df407ac888a289aa89f31"
- Add salt column to users table
$ rails generate migration add_salt_to_users salt:string
7.3 Better User Views
Sign Up User
Integration Tests w/ rspec
- rails generate integration_test users
Create Sessions controller with:
- $ rails generate controller Sessions new
- $ rm -rf spec/views
- $ rm -rf spec/helpers
- include SessionsHelper
- use cookies utility supplied by Rails
- Note on tests through chapter 9: 63 examples, 0 failures
- added edit action to app/controllers/users_controller.rb and corresponding app/views/users/edit.html.haml
- added _error_messages.haml partial to app/views/shared
- added update action and tests
10.2.3 Friendly Forwarding
rails generate integration_test friendly_forwarding
10.3 Showing Users
- Add index action to UsersController
- Use faker gem and write rake task to fill development database with sample "fake" users
- Use rake -T to see if new task, rake db:populate shows up
$ rake db:populate
$ tail -f log/development.log User Load (0.3ms) SELECT "users"."id" FROM "users" WHERE (LOWER("users"."email") = LOWER('[email protected]')) LIMIT 1 AREL (0.3ms) INSERT INTO "users" ("name", "email", "created_at", "updated_at", "encrypted_password", "salt") VALUES ('Finn Medhurst', '[email protected]', '2011-04-04 19:16:43.307659', '2011-04-04 19:16:43.307659', '846b773830f660d48b75f86406d409201a3670fdbccf6120dcb47dafda0431bc', '8bd4bcaa2c61329f582f057104ccd644228c094a34543ab60726a58a359f8a4d')
etc.
creates 100 users with help of faker gem
rails generate migration add_admin_to_users admin:boolean
- git merge updating-users
Completed end of chapter exercises
Micropost
rails generate model Micropost content:string user_id:integer
Generate Integration Tests
rails generate integration_test microposts
Implement has_many :following, :through => "relationships"
rails generate model Relationship follower_id:integer followed_id:integer
Implemented the status feed and 152 tests all are passing