Todo List using Rails 2.0.1 with ‘act as authenticated’

I’ve been looking at Rails examples for well over a year now. I’ve seen a lot of todo list examples, forum examples, and others. The one thing missing from these examples is authentication. I mean what kind of web app does not have authentication? Logging in / logging out and having other records attached to your user ID is a must for any real webapp.

In this tutorial I’ll show you how to build a todo list app, with authentication.

rails realtodo
cd realtodo
rake db:create

The act as authenticated plugin must be downloaded and installed first.

script/plugin install

More information on this plugin can be found here.

Now using the new plugin generated the authentication

ruby script/generate authenticated user account

Add the AuthenticatedSystem to /app/controllers/application.rb

class ApplicationController < ActionController::Base helper :all # include all helpers, all the time include AuthenticatedSystem
And now our todo list. generated just like before.

script/generate scaffold Todo title:string body:text done:boolean due:datetime

We also need to add the user_id column to the Todo, we don’t do this in scaffolding so that we don’t have to removed user_id from all of the generated forms.

script/generate migration add_user_id_to_todo

edit the generated file /db/migrate/003_add_user_id_to_todo.rb

class AddUserIdToTodo < ActiveRecord::Migration def self.up add_column :todos, :user_id, :integer end def self.down remove_column :todos, :user_id end end

modify the todo.rb and user.rb files. We need to add the one to many relation


class Todo < ActiveRecord::Base belongs_to :user end

/app/models/user.rb (Lots of stuff in this generated class, just add has_many :todos

class User < ActiveRecord::Base # Virtual attribute for the unencrypted password attr_accessor :pass has_many :todos
Change the todo controller so that login is required by adding
near the top of the controller.


class TodosController < ApplicationController before_filter :login_required

act_as_authenticated adds the curent_user object everywhere. This is great because we can just use it in our controller. We only want to show todo’s for each user, and other users should  not be able to see other users todos. To do this we need to change how todo are loaded and saved.

def index
#@todos = Todo.find(:all)
@todos = current_user.todos

def show
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])

def new
#@todo =
@todo = current_user.todos.create

def edit
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])

def create
#@todo =[:todo])
@todo = current_user.todos.create(params[:todo])

def update
#@todo = Todo.find(params[:id])
@todo = current_user.todos.find(params[:id])

def destroy
@todo = current_user.todos.find(params[:id])

With the controller created we now need an index page to link everything together.

delete the /public/index.html file

generate a new controller for the main page

script/generate controller Main

Define and index function on the main controller

  def index

and create a new view under views/main/index.rhtml

Todo lists

<% if current_user == :false %>
<%= link_to "Login",   {:controller => ‘account’, :action => ‘login’}%>

<%= link_to "Signup",  {:controller => ‘account’, :action => ‘signup’}%>
<% else %>
You are logged in as <%= current_user.login %>

<%= link_to "Todos", {:controller => ‘todos’, :action => ‘index’}%>

<%= link_to "Logout", {:controller => ‘account’, :action => ‘logout’}%>
<% end%>

Edit the account controller to return to the main index page by default

change every redirect_back_or_default(:controller => ‘/account’, :action => ‘index’) to
redirect_back_or_default(:controller => ‘/main’, :action => ‘index’)

add the following line to /config/routes.rb

 map.root :controller => “main”

from the command line
rake db:migrate

Thats it. Navigation between the todo lists and the index needs to be added, but we now have a complete working rails todo list webapp, with seperate todo lists for each user.

This entry was posted in Uncategorized. Bookmark the permalink.

9 Responses to Todo List using Rails 2.0.1 with ‘act as authenticated’

  1. lionking says:

    Great tutorial–concise, easy to follow and enough information to be useful. Look forward to more tuts.

  2. Pingback: Rob Mayhew » Robs Reminders r3 - Authentication and Base model

  3. Tony Mann says:

    Finally, one tutorial that has it all: authentication, dynamic home page, routing, resources, etc. This finally got me over the rails “hump”! Thanks.

  4. Elliot Yates says:

    Superb tutorial. I would remove some parts, as I feel they do not always add to the app (or are even required with new ruby releases), though still excellent. Many thanks

  5. Mahesh says:

    Thanks for this article. I’m a newbe in rails I struggled with the routing problem for a newly added action in my controller. After 1 full day I came across your site and your solution works fine.


  6. srb says:

    I couldn’t get your main page to work ..current_user was nil.

    using if logged_in? instead worked fine.

  7. Akem says:

    Nice tutorial. Great work Rob

  8. Brian Kenny says:

    Excellent article – thanks a million

  9. GreenStar says:

    I’m trying to do the script/plugin part but it keeps returning and telling me:

    “script” is not recognizable as an internal or external command, operable program or batch file.

    Any idea why?

Leave a Reply

Your email address will not be published. Required fields are marked *