I’ve been looking at Rails examples for well over a year now. I’ve seen a lot of todo list examples, forum examples, and others. The one thing missing from these examples is authentication. I mean what kind of web app does not have authentication? Logging in / logging out and having other records attached to your user ID is a must for any real webapp.
In this tutorial I’ll show you how to build a todo list app, with authentication.
rails realtodo
cd realtodo
rake db:create
The act as authenticated plugin must be downloaded and installed first.
script/plugin install http://svn.techno-weenie.net/projects/plugins/acts_as_authenticated
More information on this plugin can be found here. http://wiki.rubyonrails.org/rails/pages/Acts_as_authenticated
Now using the new plugin generated the authentication
ruby script/generate authenticated user account
Add the AuthenticatedSystem to /app/controllers/application.rb
class ApplicationController < ActionController::Base
helper :all # include all helpers, all the time
include AuthenticatedSystem
And now our todo list. generated just like before.
script/generate scaffold Todo title:string body:text done:boolean due:datetime
We also need to add the user_id column to the Todo, we don’t do this in scaffolding so that we don’t have to removed user_id from all of the generated forms.
script/generate migration add_user_id_to_todo
edit the generated file /db/migrate/003_add_user_id_to_todo.rb
class AddUserIdToTodo < ActiveRecord::Migration def self.up add_column :todos, :user_id, :integer end def self.down remove_column :todos, :user_id end end
modify the todo.rb and user.rb files. We need to add the one to many relation
/app/models/todo.rb
class Todo < ActiveRecord::Base belongs_to :user end
/app/models/user.rb (Lots of stuff in this generated class, just add has_many :todos
class User < ActiveRecord::Base
# Virtual attribute for the unencrypted password
attr_accessor :pass
has_many :todos
Change the todo controller so that login is required by adding
near the top of the controller.
/app/controllers/todos_controller.rb
class TodosController < ApplicationController before_filter :login_required
act_as_authenticated adds the curent_user object everywhere. This is great because we can just use it in our controller. We only want to show todo’s for each user, and other users should not be able to see other users todos. To do this we need to change how todo are loaded and saved.
def index
#@todos = Todo.find(:all)
@todos = current_user.todos
def show
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])
def new
#@todo = Todo.new
@todo = current_user.todos.create
def edit
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])
def create
#@todo = Todo.new(params[:todo])
@todo = current_user.todos.create(params[:todo])
def update
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])
def destroy
@todo = current_user.todos.find(params[:id])
@todo.destroy
With the controller created we now need an index page to link everything together.
delete the /public/index.html file
generate a new controller for the main page
script/generate controller Main
Define and index function on the main controller
def index
end
and create a new view under views/main/index.rhtml
Todo lists
<% if current_user == :false %>
<%= link_to "Login", {:controller => ‘account’, :action => ‘login’}%>
<%= link_to "Signup", {:controller => ‘account’, :action => ‘signup’}%>
<% else %>
You are logged in as <%= current_user.login %>
<%= link_to "Todos", {:controller => ‘todos’, :action => ‘index’}%>
<%= link_to "Logout", {:controller => ‘account’, :action => ‘logout’}%>
<% end%>
Edit the account controller to return to the main index page by default
change every redirect_back_or_default(:controller => ‘/account’, :action => ‘index’) to
redirect_back_or_default(:controller => ‘/main’, :action => ‘index’)
add the following line to /config/routes.rb
map.root :controller => “main”
from the command line
rake db:migrate
script/server
Thats it. Navigation between the todo lists and the index needs to be added, but we now have a complete working rails todo list webapp, with seperate todo lists for each user.