Note that I had a hard time implementing the authentication function in Rails
A library for implementing authentication functions in Rails. Similarly, devise is one of the authentication functions, but sorcery is simpler and more customizable. Click here for sorcer's github
Gemfile
gem 'sorcery'
Terminal
$ bundle install
Terminal
$ rails g sorcery:install
By typing the above command, the migration file of the user model and database will be generated.
・ App / models / user.rb
・ Config / initializers / sorcery.rb
・ Db / migrate / yyyymmddhhmmss_sorcery_core.rb
db/migrate/yyyymmddhhmmss_sorcery_core.rb
class SorceryCore < ActiveRecord::Migration[5.2]
def change
create_table :users do |t|
t.string :name, null: false
t.string :email, null: false
t.string :crypted_password
t.string :salt, null: false
t.timestamps null: false
end
add_index :users, :email, unique: true
end
end
This time, let's assume that we have columns for name, email, and password.
--Added null: false to the required items.
--The reason for putting restrictions is that if you do not put restrictions on the database side, executing SQL or directly manipulating data may result in inconsistent data prohibited by the model.
--Add to add_index for items that you want to make uniqueness: true in the model.
The description method for add_index is as follows.
add_index: table name,: column name, unique: true
Terminal
$ rails db:migrate
--After describing the restrictions on migration, generate the users table with the above command.
app/modeks/user.rb
class User < ApplicationRecord
authenticates_with_sorcery!
validates :name, presence: true, length: { maximum: 255 } #Constraint length with length
validates :email, presence: true, uniqueness: true #Constraint uniqueness with uniqueness
validates :password, length: { minimum: 3 }, if: -> { new_record? || changes[:crypted_password] }
validates :password, confirmation: true, if: -> { new_record? || changes[:crypted_password] }
validates :password_confirmation, presence: true, if: -> { new_record? || changes[:crypted_password] }
end
--By writing presence: true, you can prevent SQL from saving in an empty state without inputting empty characters from the browser.
--Since I added the constraint (null: false and add_index: users,: email, unique: true) on the database side,
Let's also constrain (presence: true or uniqueness in validates) on the model side.
if: -> { new_record? || changes[:crypted_password] }
This description allows the user to omit entering the password if he / she wants to update a profile item other than the password.Terminal
$ rails g controller users new create
app/controllers/users_controller.rb
class UsersController < ApplicationController
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
redirect_to login_path
else
render :new
end
end
private
def user_params
params.require(:user).permit(:name, :email, :password, :password_confirmation)
end
end
--If user registration is successful with create action, redirect to the login screen. If it fails, you can return to the login screen again.
ruby:app/views/users/new.html.erb
<%= form_with model: @user, local: true do |f| %>
<div class="form-group">
<%= f.label :name %>
<%= f.text_field :name, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :email %>
<%= f.text_field :email, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.text_field :password, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password_confirmation %>
<%= f.text_field :password_confirmation, class: 'form-control' %>
</div>
<%= f.submit 'Registration', class: 'btn btn-primary' %>
<% end %>
<div class='text-center'>
<%= link_to 'Go to login page', login_path %>
</div>
--Template for user registration.
--How to use form_with.
Pass the entered value to the instance variable @user! Declared.
It can also be described as users_path.
The data entered here is sent to create.
The contents of the form are in user_params or params [: user].
Recommended Posts