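We know Rails already has several mature user authentication systems, such as Devise, so why build our own?
- In practice, a login system needs a lot of customization; rather than struggling to modify a mature gem, it is easier to build your own
- An off-the-shelf system is a black box; writing your own gives you a better understanding of it
- Current Rails has very good support for building your own authentication system
- If you need third-party login later, you will understand the system better and find it easier to modify
1. User model
Run the commands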
git checkout -b modeling-users
rails g model User name:string email:string
rails db:migrate
Edit the model, app/models/user.rb
class User < ApplicationRecord
  validates :name, presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  # Validate the email's presence, length, format, and uniqueness (case-insensitive)
  validates :email, presence: true, length: { maximum: 255 }, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false }
end
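Add an index on email
rails g migration add_index_to_users_email
Edit the corresponding migration
def change
  add_index :users, :email, unique: true
end
rails db:migrate
Edit the model and add the following statement at the top. The self on the right-hand side is omitted, but the one on the left-hand side of the assignment cannot be.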
before_save { self.email = email.downcase }
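The email rules above can be exercised outside Rails. The following is an added example, not code from the original post: it reuses the post's VALID_EMAIL_REGEX in plain Ruby, and the names email_errors, canonical, LINE_ANCHORED_REGEX and SAMPLES, as well as the sample addresses, are constructed for illustration.

```ruby
# Plain Ruby (no Rails) mirror of the model's email rules.
VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
# Same pattern with line anchors (^ $) instead of string anchors (\A \z).
LINE_ANCHORED_REGEX = /^[\w+\-.]+@[a-z\d\-.]+\.[a-z]+$/i

# Returns the rules an address violates; an empty array means it passes.
# `taken` stands in for the addresses already stored in the users table.
def email_errors(email, taken = [])
  errors = []
  errors << :blank if email.nil? || email.strip.empty?
  errors << :too_long if email.to_s.length > 255
  errors << :format unless VALID_EMAIL_REGEX.match?(email.to_s)
  # uniqueness: { case_sensitive: false } ignores case when comparing
  errors << :taken if taken.any? { |t| t.casecmp?(email.to_s) }
  errors
end

# What the before_save callback stores, so the unique index
# only ever sees one canonical form of each address.
def canonical(email)
  email.downcase
end

# Constructed sample inputs.
SAMPLES = [
  "USER@foo.COM",
  "first.last+tag@sub.example.org",
  "User@Example.com",            # differs from a stored address only by case
  "user@example,com",            # comma instead of dot
  "user_at_foo.org",             # no @
  "foo@bar_baz.com",             # underscore in the domain
  "foo@bar..com",                # consecutive dots: this regex accepts it
  "user@example.com\n<script>"   # extra line after a valid address
]

def report
  SAMPLES.map { |s| [s, email_errors(s, ["user@example.com"])] }
end

if __FILE__ == $0
  report.each { |s, e| puts "#{s.inspect}: #{e.empty? ? 'ok' : e.join(', ')}" }
end
```

The last sample is rejected only because the pattern is anchored with \A and \z; the ^/$ variant matches its first line, and Rails' format validator raises an ArgumentError for such a pattern unless multiline: true is passed. The "foo@bar..com" sample shows a gap in this regex: it allows consecutive dots in the domain.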
A hashed password
Add has_secure_password to the model, then add a password_digest column; has_secure_password only takes effect once this column exists.
rails g migration add_password_digest_to_users password_digest:string
Edit the corresponding migration
def change
  add_column :users, :password_digest, :string
end
rails db:migrate
The has_secure_password method uses the bcrypt gem, so add it to the Gemfile
gem 'bcrypt', '3.1.11'
bundle install
Add password validation to the model
validates :password, presence: true, length: { minimum: 6 }
Commit to git and merge
git add -A
git commit -m "Make a basic User model (including secure passwords)"
git checkout master
git merge modeling-users
git push
2. Sign up
git checkout -b sign-up
Edit config/routes.rb and add
resources :users
Add the page: touch app/views/users/show.html.erb
<%= @user.name %>, <%= @user.email %>
app/controllers/users_controller.rb
class UsersController < ApplicationController
  def show
    @user = User.find(params[:id])
  end

  def new
    @user = User.new
  end

  def create
    # Build the user only from the whitelisted attributes
    @user = User.new(user_params)
    if @user.save
      flash[:success] = "Welcome to the Sample App!"
      redirect_to @user
    else
      render 'new'
    end
  end

  private

  # Strong parameters: only these four fields may be mass-assigned
  def user_params
    params.require(:user).permit(:name, :email, :password, :password_confirmation)
  end
end
app/views/users/new.html.erb
<% provide(:title, 'Sign up') %>
Sign up
<%= form_for(@user) do |f| %>
<%= render 'shared/error_messages' %>
<%= f.label :name %>
<%= f.text_field :name, class: 'form-control' %>
<%= f.label :email %>
<%= f.email_field :email, class: 'form-control' %>
<%= f.label :password %>
<%= f.password_field :password, class: 'form-control' %>
<%= f.label :password_confirmation, "Confirmation" %>
<%= f.password_field :password_confirmation, class: 'form-control' %>
<%= f.submit "Create my account", class: "btn btn-primary" %>
<% end %>
Error message display
mkdir app/views/shared
touch app/views/shared/_error_messages.html.erb
<% if @user.errors.any? %>
The form contains <%= pluralize(@user.errors.count, "error") %>.
<% @user.errors.full_messages.each do |msg| %>
- <%= msg %>
<% end %>
<% end %>
app/assets/stylesheets/custom.scss
/* forms */
input, textarea, select, .uneditable-input {
  border: 1px solid #bbb;
  width: 100%;
  margin-bottom: 15px;
  @include box_sizing;
}
input {
  height: auto !important;
}
#error_explanation {
  color: red;
  ul {
    color: red;
    margin: 0 0 30px 0;
  }
}
.field_with_errors {
  @extend .has-error;
  .form-control {
    color: $state-danger-text;
  }
}
Set up the flash message
git add -A
git commit -m "Finish user signup"
git checkout master
git merge sign-up
SSL in production
basic login
rails generate controller Sessions new
Rails.application.routes.draw do
  root 'static_pages#home'
  get '/help', to: 'static_pages#help'
  get '/about', to: 'static_pages#about'
  get '/contact', to: 'static_pages#contact'
  get '/signup', to: 'users#new'
  get '/login', to: 'sessions#new'
  post '/login', to: 'sessions#create'
  delete '/logout', to: 'sessions#destroy'
  resources :users
end