1 00:00:00,000 --> 00:00:05,000 [Master Class] [Designer and Developer Workflow] [Choosing Libraries] 2 00:00:05,000 --> 00:00:08,000 So, now I have the latest and greatest version of Easy Jobs 3 00:00:08,000 --> 00:00:12,000 with Nick's basic layout sort of set up right now. 4 00:00:12,000 --> 00:00:16,000 There's still a lot more visual design to work on, but while he's working on that, 5 00:00:16,000 --> 00:00:21,000 what I want to work on is adding some sort of authentication to our system. 6 00:00:21,000 --> 00:00:26,000 Basically, right now, anybody can just go to the site, click "new job" and go back. 7 00:00:26,000 --> 00:00:29,000 They could edit any job that's already there, 8 00:00:29,000 --> 00:00:32,000 and that's not really what we want, obviously. 9 00:00:32,000 --> 00:00:35,000 So, what we need to do is have a way that people can sign up for Easy Jobs 10 00:00:35,000 --> 00:00:41,000 in order to post jobs as well as edit and remove the jobs that they post. 11 00:00:41,000 --> 00:00:44,000 So, that's actually two separate systems that we need to handle. 12 00:00:44,000 --> 00:00:50,000 The first is authentication, and authentication is just handling the ability to authenticate 13 00:00:50,000 --> 00:00:54,000 or prove who someone is, so we're going to be able to register and then 14 00:00:54,000 --> 00:00:58,000 they'll be able to sign in with maybe an email address and password. 15 00:00:58,000 --> 00:01:02,000 But the second layer to that is authorization, and authorization is the system 16 00:01:02,000 --> 00:01:06,000 that defines what a person who is logged in can or cannot do. 17 00:01:06,000 --> 00:01:10,000 For instance, somebody who's logged in could create a new job 18 00:01:10,000 --> 00:01:13,000 or edit any job that belongs to them, 19 00:01:13,000 --> 00:01:16,000 but they shouldn't be able to delete another job that they didn't create. 20 00:01:16,000 --> 00:01:20,000 So, what we're going to work on first is the authentication system. 21 00:01:20,000 --> 00:01:23,000 Now, there are a lot of different ways we could go to implement this. 22 00:01:23,000 --> 00:01:26,000 We could pretty much create our own authentication system, 23 00:01:26,000 --> 00:01:30,000 create a user, create some sort of system where they log in 24 00:01:30,000 --> 00:01:34,000 and we could check their email address and password and then keep that in the system. 25 00:01:34,000 --> 00:01:38,000 Now, there are a lot of different tools we could use for authentication in Rails, 26 00:01:38,000 --> 00:01:43,000 and really in any category of thing that we may want to do there are a lot of prebuilt tools. 27 00:01:43,000 --> 00:01:47,000 One site that I like to look at when trying to search for a prebuilt solution 28 00:01:47,000 --> 00:01:51,000 is a site called "Ruby Toolbox" 29 00:01:51,000 --> 00:01:58,000 and Ruby Toolbox is at ruby-toolbox.com, and what it does is it gathers and categorizes 30 00:01:58,000 --> 00:02:07,000 a lot of open-source code into the different tasks and problems that it solves. 31 00:02:07,000 --> 00:02:10,000 So, it's grouped into things like managing ActiveRecord encryption to 32 00:02:10,000 --> 00:02:15,000 all sorts of different ActiveRecord plug-ins, APIs, backups, integration testing, 33 00:02:15,000 --> 00:02:18,000 CSS frameworks, so many different things. 34 00:02:18,000 --> 00:02:22,000 But what we're looking for is Ruby on Rails authentication. 35 00:02:22,000 --> 00:02:28,000 So actually, down here we can see that there is a category called "Rails Authentication." 36 00:02:28,000 --> 00:02:31,000 So, if we click on that we'll get a list of different tools that we could use 37 00:02:31,000 --> 00:02:34,000 for handling Rails authentication. 38 00:02:34,000 --> 00:02:38,000 Now, the way that the tools are organized on this page are by a score 39 00:02:38,000 --> 00:02:42,000 that is calculated by the GitHub followers and GitHub forks. 40 00:02:42,000 --> 00:02:44,000 So, it's sort of a popularity ranking. 41 00:02:44,000 --> 00:02:52,000 So, right now, sort of the top three are devise, authlogic and restful authentication. 42 00:02:52,000 --> 00:02:57,000 There are several more, and many of these are very quality options, 43 00:02:57,000 --> 00:03:01,000 but the top ones are really devise and authlogic right now. 44 00:03:01,000 --> 00:03:05,000 A while back, restful authentication really used to be the go-to solution, 45 00:03:05,000 --> 00:03:08,000 and then authlogic really gained popularity, 46 00:03:08,000 --> 00:03:13,000 and right now it seems that devise is really sort of taking the lead role. 47 00:03:13,000 --> 00:03:15,000 I'm actually going to go with authlogic. 48 00:03:15,000 --> 00:03:17,000 It's a tool I like. 49 00:03:17,000 --> 00:03:20,000 It has about the right level of abstraction and flexibility, 50 00:03:20,000 --> 00:03:23,000 but devise is a great choice that you could use too. 51 00:03:23,000 --> 00:03:26,000 This is just my personal choice on this project. 52 00:03:26,000 --> 00:03:29,000 So, we'll be going through how to set up an authlogic system 53 00:03:29,000 --> 00:03:33,000 for managing our authentication. 54 00:03:33,000 --> 00:03:39,000 Now, we can go to the code on the GitHub page and it's at binarylogic/authlogic, 55 00:03:39,000 --> 00:03:43,000 and there's a little bit of documentation here giving you an overview of how it works. 56 00:03:43,000 --> 00:03:48,000 Basically, we'll create our own user model, and what authologic does 57 00:03:48,000 --> 00:03:53,000 is it uses the idea of a model called a "session," and to log in 58 00:03:53,000 --> 00:03:57,000 we create a new session, and to log out we delete one. 59 00:03:57,000 --> 00:04:02,000 And what authlogic provides is the logic for creating this sort of session, 60 00:04:02,000 --> 00:04:07,000 and we can create a new one by passing it an email address and password, 61 00:04:07,000 --> 00:04:12,000 and based on the configuration, it'll look for a user with matching credentials 62 00:04:12,000 --> 00:04:15,000 and create a session based on that. 63 00:04:15,000 --> 00:04:19,000 So, what we're going to do is basically go through the steps 64 00:04:19,000 --> 00:04:21,000 of creating a basic authlogic system.