1
00:00:00,000 --> 00:00:05,000
[Master Class] [Designer and Developer Workflow] [Creating the User Form]

2
00:00:05,000 --> 00:00:11,000
So now, we set up our new user scaffold and we can go back and see a list

3
00:00:11,000 --> 00:00:14,000
and create a new user, but there's still a lot of work to be done

4
00:00:14,000 --> 00:00:17,000
to turn this into a real authentication system.

5
00:00:17,000 --> 00:00:21,000
For instance, we added a lot of interesting columns that authlogic will use,

6
00:00:21,000 --> 00:00:27,000
however, our user model itself has not been set up to actually use those fields.

7
00:00:27,000 --> 00:00:35,000
For instance, if we wanted to add the form for our users, and that's in app, views,

8
00:00:35,000 --> 00:00:41,000
users, form, we have our email and name field.

9
00:00:41,000 --> 00:00:49,000
And let's say we wanted to add a password field.

10
00:00:49,000 --> 00:00:55,000
And we'll go ahead and say "password,"

11
00:00:55,000 --> 00:01:00,000
and let's go ahead and make that a password field.

12
00:01:00,000 --> 00:01:05,000
Now, we should get an error here when we create new user

13
00:01:05,000 --> 00:01:08,000
because there's no method password, and that's because in our database

14
00:01:08,000 --> 00:01:13,000
it's called "crypted password," and there's also a password salt.

15
00:01:13,000 --> 00:01:18,000
So, when we actually set up our user to use the authlogic logic

16
00:01:18,000 --> 00:01:22,000
it will actually create a password field that when it's submitted

17
00:01:22,000 --> 00:01:27,000
will encrypt the password and store it in the crypted password field.

18
00:01:27,000 --> 00:01:31,000
Since we haven't said our user model is an authenticatable model,

19
00:01:31,000 --> 00:01:36,000
these magic methods have not been added, so let's go ahead and do that.

20
00:01:36,000 --> 00:01:38,000
To do that, it's pretty simple.

21
00:01:38,000 --> 00:01:44,000
We're going to go to app, models, and open up our user model.

22
00:01:44,000 --> 00:01:52,000
Now, the simplest way to set this up is to use a method called "acts_as_authentic."

23
00:01:52,000 --> 00:01:57,000
Now, we can just do that, and if we want to add configuration we can pass a block to it

24
00:01:57,000 --> 00:02:02,000
and pass it some configuration options, but so far, we don't need that quite yet.

25
00:02:02,000 --> 00:02:06,000
So, let's just leave acts_as_authentic, and this will include all of the information

26
00:02:06,000 --> 00:02:10,000
and all of the logic for handling all those magical methods,

27
00:02:10,000 --> 00:02:15,000
handling password crypting and all sorts of other good stuff.

28
00:02:15,000 --> 00:02:20,000
So, let's save this out and if we go back, you'll now see that password works

29
00:02:20,000 --> 00:02:26,000
because as we added the acts_as_authentic, it gives us a password field.

30
00:02:26,000 --> 00:02:31,000
Now, there's one more field we want to add, and that's the password confirmation.

31
00:02:31,000 --> 00:02:35,000
By default, if we try to type this in, let's go ahead and see what happens.

32
00:02:35,000 --> 00:02:46,000
We'll say "jim@carsonified" and "Jim Hoskins."

33
00:02:46,000 --> 00:02:50,000
We're going to get an error saying our password confirmation is too short,

34
00:02:50,000 --> 00:02:55,000
and that's because by default, it requires a password confirmation field,

35
00:02:55,000 --> 00:02:59,000
and this is just another magic method where we'll add a field called "password confirmation"

36
00:02:59,000 --> 00:03:03,000
and during the validation process it will confirm that password

37
00:03:03,000 --> 00:03:06,000
and password confirmation are the same.

38
00:03:06,000 --> 00:03:10,000
So, that's pretty easy to fix, and I'm going to add this to our form

39
00:03:10,000 --> 00:03:13,000
so when Nick starts designing this form he'll have the fields,

40
00:03:13,000 --> 00:03:18,000
and he'll be able to lay them out and style them properly.

41
00:03:18,000 --> 00:03:26,000
So, we can go ahead and say "confirmation."

42
00:03:26,000 --> 00:03:29,000
Let's see if that gets us what we want.

43
00:03:29,000 --> 00:03:34,000
So, we'll just go to /user/new and here we have our information again.

44
00:03:34,000 --> 00:03:40,000
So, let's try that again.

45
00:03:40,000 --> 00:03:43,000
And let's just give it the wrong password.

46
00:03:43,000 --> 00:03:45,000
So now, we see that it's actually checking the two against each other,

47
00:03:45,000 --> 00:03:49,000
and since I didn't give them the same password it's not going to validate,

48
00:03:49,000 --> 00:03:51,000
and we can't register.

49
00:03:51,000 --> 00:03:56,000
So, I'm just going to edit this to be a matching password,

50
00:03:56,000 --> 00:04:01,000
and now we've created a user, or you could say that we've registered.

51
00:04:01,000 --> 00:04:04,000
Now, if we actually wanted to see what our user looked like in the database

52
00:04:04,000 --> 00:04:07,000
we could actually open up our Rails console,

53
00:04:07,000 --> 00:04:11,000
and we could take a look at the information for our user.

54
00:04:11,000 --> 00:04:21,000
So, what I'll do is we'll just say "puts user.first.to_yaml."

55
00:04:21,000 --> 00:04:24,000
So, we're grabbing the first user out of the database and just

56
00:04:24,000 --> 00:04:27,000
printing out the yaml version.

57
00:04:27,000 --> 00:04:33,000
So, we can see it has the name of Jim Hoskins, and we have our single access token

58
00:04:33,000 --> 00:04:38,000
which we don't need right now, and if we go down here, we can see our crypted password,

59
00:04:38,000 --> 00:04:41,000
and this is what's actually stored in the database for my password.

60
00:04:41,000 --> 00:04:45,000
Now, to tell you my password that I used here was just the word password,

61
00:04:45,000 --> 00:04:49,000
but when it encrypted it, it creates a very long string

62
00:04:49,000 --> 00:04:53,000
that any time we try to log in using password, it should generate the same string,

63
00:04:53,000 --> 00:04:56,000
and if they match, then log in should work, and this is the salt

64
00:04:56,000 --> 00:05:00,000
that is added to my password before actually encrypting it.

65
00:05:00,000 --> 00:05:02,000
Then you can see we have our other fields.

66
00:05:02,000 --> 00:05:05,000
We have our current log in IP, anything with our log in is going to be zero

67
00:05:05,000 --> 00:05:08,000
because we've never logged in before, but that just gives you

68
00:05:08,000 --> 00:05:11,000
an idea of what it looks like in the database.

69
00:05:11,000 --> 00:05:17,000
Instead of storing our plain text password, it actually went ahead and encrypted it.

70
00:05:17,000 --> 00:05:20,000
So, we can go back, and we can see our list of users.