- Foreword to the First Edition
- Acknowledgments
- About the Author
- From Zero to Deploy
- Development Environments
- Ruby RubyGems Rails and Git
- The First Application
- rails server
- Model-view-controller MVC
- Version Control with Git
- What Good Does Git Do You
- GitHub
- Branch Edit Commit Merge
- Deploying
- Heroku Setup
- Conclusion
- A Demo App
- Planning the Application
- Modeling Demo Users
- Modeling Demo Microposts
- The Users Resource
- A User Tour
- MVC in Action
- Weaknesses of this Users Resource
- The Microposts Resource
- A Micropost Microtour
- Putting the micro in Microposts
- A User has many Microposts
- Inheritance Hierarchies
- Deploying the Demo App
- Conclusion
- Static Page
- Mostly Static Pages
- Truly Static Pages
- Static Pages with Rails
- Our First Tests
- Test-driven Development
- Adding a Page
- Testing a Title Change
- Passing Title Tests
- Embedded Ruby
- Eliminating Duplication with Layouts
- Conclusion
- Advanced Setup
- Eliminating bundle exec
- Automated Tests with Guard
- Speeding up Tests with Spork
- Tests inside Sublime Text
- Rails-Flavored Ruby
- Strings and Methods
- Objects and Message Passing
- Method Definitions
- Other Data Structures
- Blocks
- Hashes and Symbols
- CSS revisited
- Ruby Classes-Constructors
- Class Inheritance
- Modifying Built-in Classes -A Controller Class
- A User Class
- Conclusion-Exercises
- Adding Some Structure
- Site Navigation
- Bootstrap and Custom CSS
- Partials
- Sass and the Asset Pipeline
- Syntactically Awesome Stylesheets
- Layout Links
- Route Tests
- Rails Routes
- Named Routes
- Pretty RSpec
- User Signup A First Step
- Signup URI
- Conclusion-Exercises
- Modeling Users
- User Model
- Database Migrations
- The Model File
- Creating User Objects
- Finding User Objects
- Updating User Objects
- User Validations
- Validating Presence
- Length Validation-Format Validation
- Uniqueness Validation
- Adding a Secure Password
- An Encrypted Password
- Password and Confirmation
- User Authentication
- User Has Secure Password
- Creating a User
- Conclusion-Exercises
- Showing Users
- Debug and Rails Environments
- A Users Resource
- Testing the User Show Page with Factories
- A Gravatar Image and a Sidebar
- Signup Form
- Tests for User Signup
- Using form for
- The Form HTML
- Signup Failure
- Signup Error Messages
- The Finished Signup Form
- The Flash
- Deploying to Production with SSL
- Conclusion-Exercises
- Sessions and Signin Failure
- Sessions Controller
- Signin Tests
- Signin Form
- Reviewing Form Submission
- Rendering with a Flash Message
- Signin Success
- Remember Me
- A Working sign in Method
- Current User
- Changing the Layout Links
- Signin upon Signup
- Signing Out
- Introduction to Cucumber Optional
- Installation and Setup
- Features and Steps
- Counterpoint RSpec Custom Matchers
- Conclusion-Exercises
- Updating Users
- Edit Form
- Unsuccessful Edits
- Successful Edits
- Authorization
- Requiring Signed-in Users
- Requiring the Right User
- Friendly Forwarding
- Showing All Users
- User Index
- Sample Users
- Pagination
- Partial Refactoring
- Deleting Users-Administrative Users
- The destroy Action
- Conclusion-Exercises
- A Micropost Model
- The Basic Model
- Accessible Attributes and the First Validation
- User Micropost Associations
- Micropost Refinements
- Content Validations
- Showing Microposts
- Augmenting the User Show Page
- Sample Microposts
- Manipulating Microposts
- Access Control
- Creating Microposts
- A Proto-feed
- Destroying Microposts
- Conclusion-Exercises
- Following Users
- The Relationship Model
- A Problem with the Data Model and a Solution
- User Relationship Associations
- Validations
- Followed users
- Followers
- Sample Following Data
- Stats and a Follow Form
- Following and Followers Pages
- A Working Follow Button the Standard Way
- A Working Follow Button with Ajax
- Making the output of find readable in shell
- CRUD Operation-Create
- The Status Feed
- Motivation and Strategy
- A First Feed Implementation
- Subselects
- The New Status Feed
- Conclusion
- Exercises
Ruby On Rails Lesson
User Has Secure Password
In previous versions of Rails, adding a secure password was difficult and time-consuming, as seen in the Rails 3.0 version of the Rails Tutorial, 16 which covers the creation of an authentication system from scratch. But web developers’ understanding of how best to authenticate users has matured enough that it now comes bundled with the latest version of Rails. As a result, we’ll complete the implementation of secure passwords (and get to a green test suite) using only a few lines of code. First, we need to make the password and password_confirmation columns accessible (Section 6.1.2) so that we can instantiate new users with an initialization hash:
password: "foobar", password confirmation: "foobar")
Following the model in Listing 6.6, we do this by adding the appropriate symbols to the list of accessible attributes:
Second, we need presence and length validations for the password, the latter of which uses the :minimum key in analogy with the :maximum key from Listing 6.15:
Next, we need to add password and password_confirmation attributes, require the presence of the password, require that they match, and add an authenticate method to compare an encrypted password to the password_digest to authenticate users. This is the only nontrivial step, and in the latest version of Rails all these features come for free with one method, has_secure_password:
As long as there is a password_digest column in the database, adding this one method to our model gives us a secure way to create and authenticate new users. (If has_secure_password seems a bit too magical for your taste, I suggest taking a look at the source code for secure password.rb, which is well-documented and quite readable. You’ll see that, among other things, it automatically includes a validation for the password_digest attribute. In Chapter 7, we’ll see that this is a mixed blessing.)
Finally, we need a presence validation for the password confirmation:
Putting these three elements together yields the User model shown in Listing 6.30, which completes the implementation of secure passwords.
You should confirm at this point that the test suite passes:
Pooja Negi
Skills Ruby On Rails
Qualifications :- High School - SSN high school, College/University - HNBGU, College/University - SRHU,Location :-Ranipokhari,Rishikesh,Uttarakhand,India
Description:- Student
Explore