Heads up! To view this whole video, sign in with your Courses Plus account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
In this video, we update our user editing form to include a password and password confirmation field and we create our first user. Download the Beginning of the Project or the Completed Project
[Master Class] [Designer and Developer Workflow] [Creating the User Form]
0:00
So now, we set up our new user scaffold and we can go back and see a list
0:05
and create a new user, but there's still a lot of work to be done
0:11
to turn this into a real authentication system.
0:14
For instance, we added a lot of interesting columns that authlogic will use,
0:17
however, our user model itself has not been set up to actually use those fields.
0:21
For instance, if we wanted to add the form for our users, and that's in app, views,
0:27
users, form, we have our email and name field.
0:35
And let's say we wanted to add a password field.
0:41
And we'll go ahead and say "password,"
0:49
and let's go ahead and make that a password field.
0:55
Now, we should get an error here when we create new user
1:00
because there's no method password, and that's because in our database
1:05
it's called "crypted password," and there's also a password salt.
1:08
So, when we actually set up our user to use the authlogic logic
1:13
it will actually create a password field that when it's submitted
1:18
will encrypt the password and store in the crypted password field.
1:22
Since we haven't said our user model is an authenticatable model,
1:27
these magic methods have not been added, so let's go ahead and do that.
1:31
To do that, it's pretty simple.
1:36
We're going to go to app, models, and open up our user model.
1:38
Now, the simplest way to set this up is to use a method called "acts_as_authentic."
1:44
Now, we can just do that, and if we want to add configuration we can pass a block to it
1:52
and pass it some configuration options, but so far, we don't need that quite yet.
1:57
So, let's just leave acts_as_authentic, and this will include all of the information
2:02
and all of the logic for handling all those magical methods,
2:06
handling password crypting and all sorts of other good stuff.
2:10
So, let's save this out and if we go back, you'll now see that password works
2:15
because as we added the acts_as_authentic, it gives us a password field.
2:20
Now, there's one more field we want to add, and that's the password confirmation.
2:26
Be default, if we try to type this in, let's go ahead and see what happens.
2:31
We'll say "jim@carsonified" and "Jim Hoskins."
2:35
We're going to get an error saying our password confirmation is too short,
2:46
and that's because by default, it requires a password confirmation field,
2:50
and this is just another magic method where we'll add a field called "password confirmation"
2:55
and during the validation process it will confirm that password
2:59
and password confirmation are the same.
3:03
So, that's pretty easy to fix, and I'm going to add this to our form
3:06
so when Nick starts designing this form he'll have the fields,
3:10
and he'll be able to lay them out and style them properly.
3:13
So, we can go ahead and say "confirmation."
3:18
Let's see if that gets us what we want.
3:26
So, we'll just go to /user/new and here we have our information again.
3:29
So, let's try that again.
3:34
And let's just give it the wrong password.
3:40
So now, we see that it's actually checking the two against each other,
3:43
and since I didn't give them the same password it's not going to validate,
3:45
and we can't register.
3:49
So, I'm just going to edit this to be a matching password,
3:51
and now we've created a user, or you could say that we've registered.
3:56
Now, if we actually wanted to see what our user looked like in the database
4:01
we could actually open up our Rails console,
4:04
and we could take a look at the information for our user.
4:07
So, what I'll do is we'll just say "puts user.first.to_yaml."
4:11
So, we're grabbing the first user out of the database and just
4:21
printing out the yaml version.
4:24
So, we can see it has the name of Jim Hoskins, and we have our single access token
4:27
which we don't need right now, and if go down here, we can see our crypted password,
4:33
and this is what's actually stored in the database for my password.
4:38
Now, to tell you my password that I used here was just the word password,
4:41
but when it encrypted it, it creates a very long string
4:45
that any time we try to log in using password, it should generate the same string,
4:49
and if they match, then log in should work, and this is the salt
4:53
that is added to my password before actually encrypting it.
4:56
Then you can see we have our other fields.
5:00
We have our current log in IP, anything with our log in is going to be zero
5:02
because we've never logged in before, but that just gives you
5:05
an idea of what it looks like in the database.
5:08
Instead of storing our plain text password, it actually went ahead and encrypted it.
5:11
So, we can go back, and we can see our list of users.
5:17
You need to sign up for Treehouse in order to download course files.
Sign up