This course will be retired on February 24, 2020.
Now that our user model is set up, we can use the Rails has_secure_password feature to add authentication functionality to it.
Code Snippets
Email address format validation:
validates :email, presence: true,
                  uniqueness: true,
                  format: {
                    # \A and \z anchor the whole string; \Z would also accept a trailing newline
                    with: /\A[A-Za-z0-9._%+-]+@[A-Za-z0-9\.-]+\.[A-Za-z]+\z/
                  }
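Ruby has two end-of-string anchors, and they behave differently for an email pattern like this one. The following is an added example, not part of the course's code; it compares `\Z` and `\z` over constructed sample inputs, and the constant and method names are assumptions made for illustration.

```ruby
# Added example: end-of-string anchors in an email format pattern.
# All sample inputs below are constructed for illustration.

# \Z matches at the end of the string OR just before a final newline.
LOOSE_EMAIL  = /\A[A-Za-z0-9._%+-]+@[A-Za-z0-9\.-]+\.[A-Za-z]+\Z/
# \z matches only at the very end of the string.
STRICT_EMAIL = /\A[A-Za-z0-9._%+-]+@[A-Za-z0-9\.-]+\.[A-Za-z]+\z/

SAMPLES = [
  "jason",                                # no @ sign, as in the spec
  "jason@teamtreehouse.com",              # well-formed
  "jason@teamtreehouse.com\n",            # trailing newline
  "jason@teamtreehouse.com\nsecond line", # embedded newline plus extra text
  "jason@localhost"                       # no dot in the domain part
].freeze

# One row per input, with the verdict of each pattern.
def report(samples)
  samples.map do |s|
    { input: s, loose: LOOSE_EMAIL.match?(s), strict: STRICT_EMAIL.match?(s) }
  end
end

# Inputs the \Z pattern accepts but the \z pattern rejects.
def anchor_gaps(samples)
  samples.select { |s| LOOSE_EMAIL.match?(s) && !STRICT_EMAIL.match?(s) }
end

if __FILE__ == $PROGRAM_NAME
  report(SAMPLES).each do |row|
    printf("%-42s \\Z=%-5s \\z=%s\n", row[:input].inspect, row[:loose], row[:strict])
  end
end
```

An address that differs from a stored one only by a trailing newline is a different string to a uniqueness check, so the stricter anchor keeps such values out of the table.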
-
0:00
Okay so we've got our user models set up and tested and
-
0:03
we've got some validations in place for the email.
-
0:07
Now let's go ahead and say that our user model has
-
0:11
a secure password and see how that goes.
-
0:18
I am expecting everything to fail.
-
0:22
And it did because we are now missing the password digest.
-
0:28
Now what happens when we use this has_secure_password method is,
-
0:33
we get a couple virtual attributes on our user model.
-
0:37
Basically, what it's doing is saying, we've got an attribute for
-
0:44
password and password_confirmation.
-
0:49
And when somebody enters these, it's going to make sure they're both there and
-
0:53
that they match each other.
-
0:55
If it is, then it's going to encrypt those and
-
0:57
save it in the password digest attribute.
-
1:00
Now we don't have to worry about that,
-
1:02
because has_secure_password already does it for us.
-
1:05
However, what we are gonna need to do is change our valid attribute here
-
1:12
so that when these new models get created and saved, those validations run.
-
1:17
So we'll say password is treehouse1234.
-
1:20
And the password confirmation is also treehouse1234.
-
1:28
That's not my actual password, by the way.
-
1:33
My actual password has a five on the end of it.
-
1:35
Just kidding.
-
1:39
Let's go ahead and run that again and make sure it works.
-
1:43
Okay, good.
-
1:45
And let's go ahead and we'll add one more validation to make sure that the email
-
1:49
address looks like an email address.
-
1:58
So let's say, user.email is jason.
-
2:08
And we'll expect the user to not be valid.
-
2:10
Uh-oh, it was valid.
-
2:14
Well that makes sense, we haven't written anything yet.
-
2:19
So let's go ahead and add a format to it.
-
2:25
And this is just a regular expression that checks to make
-
2:28
sure we have some combination of valid characters and an @ sign.
-
2:32
As well as some valid combination of characters, a dot and
-
2:35
some other valid combination of characters.
-
2:38
Let's go ahead and run it again and make sure that that passes.
-
2:47
Okay, that looks good.
-
2:50
Let's run all of our tests and
-
2:51
see if anything else got messed up after we added the validations.
-
3:04
Wow, looks like we have a bunch more failures here inside of
-
3:08
the users_controllers_spec.
-
3:10
Let's go ahead and see what's going on there.
-
3:18
Well, it looks like we've got all these valid attributes in here as well.
-
3:23
So let's go ahead and fix all that.
-
3:26
So we've got first name, last name.
-
3:41
We'll go ahead and set in password and password confirmation.
-
3:53
Okay, let's see if that fixed anything.
-
4:06
Looks like we still have a few failures here on lines 68, 62, and 56.
-
4:16
So, let's go ahead and
-
4:17
see what's going on in the users controller spec on these lines.
-
4:23
So, when we're posting to the create method, it is not changing the user count.
-
4:32
And, let's take a look at why.
-
4:34
And the reason actually has to do with strong parameters.
-
4:37
So we're requiring the user parameter, but
-
4:40
we're not sending along the password digest.
-
4:43
Instead we're sending along the password and the password confirmation.
-
4:52
Let's go ahead and run all that again and see what happens.
-
5:02
Okay, perfect.
-
5:04
Now we've done all of this,
-
5:06
but we don't know how this looks in the actual application just yet.
-
5:10
So let's go ahead and run our server and see what everything looks like.
-
5:22
So, if we go to localhost, we've still got all of our to-do list here.
-
5:25
This is still pretty separated from what's going on.
-
5:29
We have nothing going on with the users action because we removed it.
-
5:34
But if we go to user/new
-
5:41
we've got all these different fields for first name, last name, email and
-
5:44
password digest because that was what we created in the scaffold.
-
5:49
So let's go ahead, close all this, and fix that.
-
5:57
And that's going to be in our app > views > users directory.
-
6:03
We'll go ahead and edit the form.
-
6:07
Actually, if we go to its new page right here, let's say Register for ODOT.
-
6:14
All right, that looks much better.
-
6:18
So now instead of password_digest, what we want is password and
-
6:21
password confirmation.
-
6:30
And instead of being text fields, we want these to be password fields.
-
6:44
Okay.
-
6:49
That looks good.
-
6:49
Let's go back to this page here and reload it.
-
6:53
Okay, that looks nice.
-
6:57
Now before we actually do any of this, I'm gonna stop my server here and
-
7:02
let's go ahead and write a feature test for it.
-
7:06
So let's make a directory under spec/features/users and
-
7:14
we'll call this registration_spec.
-
7:19
Okay.
-
7:20
Close these files here.
-
7:32
Now let's go ahead and describe Signing up.
-
7:38
So what do we want to do?
-
7:39
It requires a user to sign up for the site.
-
7:59
So, let's go ahead and make sure we have no users here.
-
8:09
And we'll visit the root page, and you know what?
-
8:12
Let's expect the page to have the content sign up.
-
8:19
And when we click the sign up link, we'll get to that sign up form we just saw.
-
8:28
And we'll fill_in the First Name with Jason.
-
8:34
We'll fill_in
-
8:39
the Last Name with Seifer.
-
8:47
We'll fill_in the Email with jason@teamtreehouse.com,
-
8:51
that's one too many e's, but whatever.
-
9:04
And we'll make that say Password (again).
-
9:07
We'll click_button Sign Up.
-
9:14
And then we will expect the count of users to be one.
-
9:22
Now, there are a couple things here that have not been correctly mapped just yet,
-
9:26
so let's go ahead and watch that fail.
-
9:34
Okay, first thing we don't have the text sign up.
-
9:36
Let's go ahead and add that.
-
9:39
So here's our route.
-
9:46
So we've got the user resource there which means if we wanted to open up
-
9:50
our application layout, we could add another item here.
-
9:55
It says link_to Sign Up,
-
9:59
new_user_path.
-
10:03
Now let's see what happens.
-
10:06
Unable to find the field First Name.
-
10:09
Well, we saw that here, but actually if you look, it is lowercase.
-
10:13
So let's go ahead and edit our labels to make that look correct.
-
10:20
And we can do that by saying label :first_name, "First Name",
-
10:23
just add a comma and that will change the label.
-
10:31
And instead of password confirmation we'll say Password (again).
-
10:41
And we'll change our submit button to say Sign Up.
-
10:45
Now if we run that again, let's see what happens.
-
10:50
All right, that looks good.
-
10:51
Looks like we can actually register for the system.
-
10:54
In our next video,
-
10:56
we’re going to learn how to actually make that log us in to our account.