Lesson Weekend

In this section of Rails, we learn how to add user authentication (signing in and out) to our Rails apps. We'll also learn about plain old Ruby objects (POROs), make API calls with RestClient, and use a gem to help us get complete test coverage (SimpleCov).

Here are the topics we will explore:

  • Authentication with bcrypt
  • Authentication with Devise
  • SimpleCov
  • API calls
  • Plain Old Ruby Objects
  • ActiveStorage

Note that the independent project will focus on authentication and testing. You will not be expected to make API calls, use POROs, or use ActiveStorage for the independent project.

Also note that in this section, you'll see more of a shift towards modular lessons with opportunities to explore further on your own. For the next two sections, you'll have to do a little additional work to piece things together. This is to help prepare you for real world development. You usually won't have a tutorial to guide you when you get stuck in your first dev job and that can be scary. It's best to get some of that fear out of the way now. While you may have to explore during your own during classwork, everything you need to know for the independent project is included in the lessons.

Independent Project Objectives


At the end of this section, you will complete an independent project. Your code will be reviewed for the following objectives:

  • Does the project include working authentication?
  • Does the project include working authorization, including separate roles for users and admins?
  • Does the project include required CRUD functionality?
  • Were all objectives from the last course section met (see below)?
  • Project is in a polished, portfolio-quality state.
  • The prompt’s required functionality and baseline project requirements are in place by the deadline.

Last Course Section's Objectives

  • Do routes follow proper convention, including a root route?
  • Does the project have the required validations and callbacks?
  • Does the project have the three scopes specified in the prompt? Are the scopes properly utilized in views?
  • Does the project include thorough unit and integration test coverage? Tests will need to be updated with authentication. Additionally admin & user access should be tested against each other. For example, testing that an admin can make a product and testing that a user can't make a product.
  • Is the database properly seeded with the Faker gem?
  • Are success and error flash messages used correctly?

Lesson 1 of 27
Last updated July 14, 2022