Exercise Monday

Goals: Implement user authentication with the bcrypt gem. Additionally, use the SimpleCov gem to keep your tests DRY and thorough. Practice making API calls in a Rails application, explore using POROs, and try testing any API calls you make.

Warm Up


  • What is a PORO? When should we use one?
  • Walk through the steps in the authentication process with your partner once more, referring to the lessons as necessary.
  • Why don't we need to worry about CORS when making an API call from a Ruby application?

Code


API-Based Application

Build an application around an API of your choice that uses authentication. For possible sources of inspiration, see this list of public APIs. You should build out the project in the following order to prioritize authentication and authorization, which will be required for this section's independent project.

  • First, add authentication with bcrypt. Your site should have options to sign up, sign in and sign out users. Don't move on to the next step until authentication is fully implemented.

  • Next, add a protected route that only signed-in users can access. The view for this route should just be boilerplate for now. For instance, if a signed-in user tries to access the route, they will see a message that says: "Protected content reached." If a user that's not signed in tries to access the same route, they'll see a message that says: "You need to be signed in to access that content."

  • Once authentication and authorization are set up and working, add an API call to the mix. When a user signs in and goes to the protected page, they will be able to get content from the API. It's up to you to decide what content you want to present and how it should be presented.

You will not be required to make an API call for this course section's independent project. For that reason, making an API call is lower priority than properly setting up authentication and authorization.

Peer Code Review


  • Code meets all standards from previous course sections.
  • User authentication is successfully implemented.
  • Basic authorization is successfully implemented.
  • Project demonstrates understanding of this course section's concepts thus far.

Lesson 10 of 27
Last updated July 14, 2022