Don't Forget to Check the Password

Day 59 of Flatiron School

Seth

2 minute read

lock on fence

Watching Avi build out the TodoMVC is an interesting thing and I’m happy I get to do it as part of my curriculum and showing what Rails does. That was the bulk of the new work I did tonight. Something that I ran into during my Sinatra project was getting all my associations to work properly. I had issues because of what I now know is called the Active Record Inflector. Now I have this handy table in my notebook:

Name Data
Model Author
Table authors
Foreign Key author_id
belongs_to :author
has_many :authors

This is going to make life easier, although, I’m pretty sure I’ll be building most of my migrations using generators in Rails. However, I’ll still have to fill in my models so this works as a helper for sure.

So… I went to a meetup tonight. I pretty loose one where we all just hung out and worked on whatever we needed to. I decided to work on making my Sinatra portfolio project even better. The largest thing I realized was that I hadn’t implemented authentication checking when people log in. So, I was checking that the username matched one in the db but I wasn’t checking to make sure the password was correct.

post '/login' do
  @user = User.find_by(username: params[:username])
  if !!@user
    session[:id] = @user[:id]
    redirect 'houses'
  else
   redirect 'login'
 end
end

So I added that in :-)

post '/login' do
  @user = User.find_by(username: params[:username])
  if @user && @user.authenticate(params[:password])
    session[:id] = @user[:id]
    redirect 'houses'
  else
   erb :'users/login'
 end
end

I also realized that this will not give me any errors when the password is incorrect. At least not in the @user.errors way that I was getting errors due to validations not passing. I had to figure out a way to display a username/password is incorrect message but only when the login fails. I solved that in the view.

<h1>Please Login:</h1>
<p>
  <% if !!@user %>
    <h3 style="color:red">Incorrect username or password.</h3>
  <% end %>
</p>

I still have some UX things to add in so navigation is easier from page to page instead of all of it happening for the most part from drop downs in the navbar but I’m pretty happy with where the app is at now for being in my portfolio.

Time spent today: 2:59
Time spent total: 220:01
Lessons completed today: 2
Lessons completed total: 447

comments powered by Disqus