User Authentication + CRUD Application with Ruby on Rails
A simple guide to creating a CRUD application and implementing user authentication with Ruby on Rails.
This tutorial is designed to walk you through the steps necessary to set up a CRUD (create, read, update, delete) Ruby on Rails application with user authentication. You’ll be able to sign up, log in and log out, as well as view, edit and destroy user accounts.
This guide does not cover error handling or validation. However, I hope it’ll serve as a solid base for you to further build upon.
To Begin
Let’s start by creating our Rails application.
rails new user-app
cd user-app
If you prefer to use PostgreSQL, add -d postgresql to the end of your rails new command. Additionally, make sure to run rails db:create before migrating your database.
Install Bcrypt
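We’ll be using the bcrypt gem to hash our user passwords. bcrypt is a one-way hash, so only a digest is stored and the original password cannot be recovered from it.
Add gem 'bcrypt', '~> 3.1.7' to your Gemfile.
Then, run bundle install.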
Generate User Model
For this application, we’ll only have one user model.
rails g model user username password_digest
Your schema should appear as above.
Run rails db:migrate.
Add has_secure_password to your user model. This macro will allow us to use all the necessary bcrypt methods.
./app/models/user.rb
class User < ApplicationRecord
  has_secure_password
end
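To make the role of the password_digest column concrete, here is an added plain-Ruby sketch (not code from the original tutorial and not Rails' own implementation) of the behaviour has_secure_password gives the model: setting a password stores only a salted one-way digest, and authenticate returns the user on a match and false otherwise. Assumptions: the SketchUser class, its digest format and the iteration count are made up for illustration, and PBKDF2 from Ruby's standard library stands in for bcrypt so the sketch runs without the gem.

```ruby
require "openssl"
require "securerandom"

# Hypothetical stand-in for the User model. PBKDF2-HMAC-SHA256 replaces bcrypt
# here (assumption), so the digest format differs from what Rails stores.
class SketchUser
  ITERATIONS = 100_000 # constructed work factor for this sketch
  attr_reader :username, :password_digest

  def initialize(username:, password:)
    @username = username
    self.password = password
  end

  # Only a salted, one-way digest is kept; the plaintext is never stored.
  def password=(plaintext)
    salt = SecureRandom.hex(16) # fresh random salt per password
    @password_digest = [ITERATIONS, salt, derive(plaintext, salt, ITERATIONS)].join("$")
  end

  # Returns the user when the candidate matches, false otherwise.
  def authenticate(candidate)
    iterations, salt, expected = password_digest.split("$")
    actual = derive(candidate.to_s, salt, iterations.to_i)
    constant_time_equal?(actual, expected) ? self : false
  end

  private

  # Re-derives the digest from a password and the stored salt and cost.
  def derive(plaintext, salt, iterations)
    digest = OpenSSL::Digest.new("SHA256")
    OpenSSL::PKCS5.pbkdf2_hmac(plaintext.to_s, salt, iterations, 32, digest).unpack1("H*")
  end

  # Compares every byte so timing does not reveal where the digests differ.
  def constant_time_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
  end
end

# Constructed sample data: two accounts that share the same password.
alice = SketchUser.new(username: "alice", password: "correct horse")
twin  = SketchUser.new(username: "alice2", password: "correct horse")
puts alice.password_digest == twin.password_digest # different salts, different digests
puts alice.authenticate("wrong guess").inspect
```
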
Generate Controllers
We need to create two controllers for our application: a users controller and a sessions controller.
rails g controller users new create show edit update destroy
rails g controller sessions welcome new create destroy
Our user controller will handle the creation of user accounts. The session controller will be responsible for creating our sessions, i.e. logging our users in and logging them out.
Route Configuration
Navigate to config/routes.rb. You should see some already existing routes. Go ahead and delete those. We’ll be setting up our own.
At the very top we are configuring our root path to sessions#welcome. Our user routes are being automatically generated with resources :users. The session routes need to be individually listed out below. We can verify that all our routes have been set up correctly by visiting http://localhost:3000/rails/info/routes.
Helper Methods
We’ll be creating two helper methods inside our ApplicationController. These methods will be used to determine if a user is currently logged in and who the user is.
Users Controller
Update the UsersController to be as below.
Sessions Controller
Now we need to update the sessions controller.
Navigation Bar
Time to move on to the views. Let’s create a partial view for our nav bar. Create a file called _nav.erb inside our views/layouts folder. We’ll keep it simple with just three links to our login, signup and logout pages. We can use our helper methods to determine what specific buttons to show if a user is logged in.
./app/views/layouts/_nav.erb
<% if !logged_in? %>
  <%= link_to "Login", login_path %>
  <%= link_to "Sign Up", new_user_path %>
<% else %>
  <%= link_to "Log Out", logout_path, method: :delete %>
<% end %>
While in the same folder, navigate to application.html.erb. We want our nav bar to appear on all pages. So, we’ll render our nav bar right above our yield statement.
<body>
<%= render 'layouts/nav' %>
<%= yield %>
</body>
Sign Up Page
Next, let’s create our form for the sign up page. Add the below code to ./app/views/users/new.html.erb.
Login Page
Our login page form will look very similar to the sign up form. Navigate to ./app/views/sessions/new.html.erb. The only change we need to make is to update model: @user to url: "/login".
Edit Account Page
Our edit form will be identical to our sign up form.
User Show Page
Finally, create the user show page.
./app/views/users/show.html.erb
<h1>Welcome <%= current_user.username %></h1>
<%= link_to "Edit Account", edit_user_path(current_user) %>
<%= link_to "Delete Account", current_user, data: { confirm: "Are you sure?" }, method: :delete %>
Conclusion
And we’re done! At this point you should be able to create a new account and test out all the functionality.
Run rails s to start the server.
If you click on Sign Up the below form should appear.
Add in your information and voila! You have successfully created your account.