GioRosso · September 19, 2016 19:53 · May 30, 2015 · Jan 13, 2015 · Apr 9, 2014 · Apr 8, 2014
diff --git a/auth_with_bcrypt.md → authentication_with_bcrypt_in_rails_4.md b/auth_with_bcrypt.md → authentication_with_bcrypt_in_rails_4.md
diff --git a/simple_auth.md → auth_with_bcrypt.md b/simple_auth.md → auth_with_bcrypt.md
diff --git a/simple_auth.md b/simple_auth.md
@@ -266,6 +266,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
 
     ```html+erb
+    <!-- app/views/layout/application.html.erb -->
+    
     <!DOCTYPE html>
     <html>
     <head>

diff --git a/simple_auth.md b/simple_auth.md
@@ -239,7 +239,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       helper_method :current_user
 
       def authorize
-        redirect_to '/login' unless @current_user
+        redirect_to '/login' unless current_user
       end
 
     end
@@ -277,8 +277,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     <body>
 
     # added these lines.
-    <% if @current_user %>
-      Signed in as <%= @current_user.name %> | <%= link_to "Logout", '/logout' %>
+    <% if current_user %>
+      Signed in as <%= current_user.name %> | <%= link_to "Logout", '/logout' %>
     <% else %>
       <%= link_to 'Login', '/login' %> | <%= link_to 'Signup', '/signup' %>
     <% end %>

diff --git a/simple_auth.md b/simple_auth.md
@@ -223,7 +223,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       end
     ```
 
-14. Update the application controller with new methods to look up the user, if they're logged in, and save their user object to a variable called current\_user. The ``` helper_method ``` line below current\_user allows us to use ``` current_user ``` in our view files. Authorize is for sending someone to the login page if they aren't logged in - this is how we keep certain pages our site secure... user's have to login before seeing them.
+14. Update the application controller with new methods to look up the user, if they're logged in, and save their user object to a variable called @current\_user. The ``` helper_method ``` line below current\_user allows us to use ``` @current_user ``` in our view files. Authorize is for sending someone to the login page if they aren't logged in - this is how we keep certain pages our site secure... user's have to login before seeing them.
 
     ```ruby
     # app/controllers/application_controller.rb
@@ -234,12 +234,12 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       protect_from_forgery with: :exception
 
       def current_user
-        current_user ||= User.find(session[:user_id]) if session[:user_id]
+        @current_user ||= User.find(session[:user_id]) if session[:user_id]
       end
       helper_method :current_user
 
       def authorize
-        redirect_to '/login' unless current_user
+        redirect_to '/login' unless @current_user
       end
 
     end
@@ -277,8 +277,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     <body>
 
     # added these lines.
-    <% if current_user %>
-      Signed in as <%= current_user.name %> | <%= link_to "Logout", '/logout' %>
+    <% if @current_user %>
+      Signed in as <%= @current_user.name %> | <%= link_to "Logout", '/logout' %>
     <% else %>
       <%= link_to 'Login', '/login' %> | <%= link_to 'Signup', '/signup' %>
     <% end %>

diff --git a/simple_auth.md b/simple_auth.md
@@ -291,7 +291,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
 ##Things Missing
 
-*Adding flash messages would be simple and provide feedback to the user if things go wrong.
+* Adding flash messages would be simple and provide feedback to the user if things go wrong.
 
 --
 All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -289,5 +289,9 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     </html>
     ```
 
+##Things Missing
+
+*Adding flash messages would be simple and provide feedback to the user if things go wrong.
+
 --
 All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -94,6 +94,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     def create
       user = User.new(user_params)
       if user.save
+        session[:user_id] = user.id
         redirect_to '/'
       else
         redirect_to '/signup'

diff --git a/simple_auth.md b/simple_auth.md
@@ -288,5 +288,5 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     </html>
     ```
 
----
+--
 All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -288,6 +288,5 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     </html>
     ```
 
-
-
+---
 All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -288,4 +288,6 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     </html>
     ```
 
+
+
 All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -287,3 +287,5 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     </body>
     </html>
     ```
+
+All done! Feel free to fork and update this. Reach me at @thebucknerlife on Twitter.
diff --git a/simple_auth.md b/simple_auth.md
@@ -1,6 +1,6 @@
 #Simple Authentication with Bcrypt
 
-This guide is for adding authentication to a vanilla Ruby on Rails app using Bcrypt and has\_secure\_password. 
+This tutorial is for adding authentication to a vanilla Ruby on Rails app using Bcrypt and has\_secure\_password. 
 
 The steps below are based on Ryan Bates's approach from [
 Railscast \#250 Authentication from Scratch (revised)](http://railscasts.com/episodes/250-authentication-from-scratch-revised). 
@@ -244,7 +244,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     end
     ```
 
-15. Add a ``` before_filter ``` to any controller that you want to secure. This will force user's to login before they can see the actions in this controller. I've created a gif controller below which I'm going to secure.
+15. Add a ``` before_filter ``` to any controller that you want to secure. This will force user's to login before they can see the actions in this controller. I've created a gif controller below which I'm going to secure. The routes for this controller were added to the routes.rb in the beginning of this tutorial.
 
     ```ruby
     # app/controllers/gif_controller.rb

diff --git a/simple_auth.md b/simple_auth.md
@@ -26,6 +26,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
         # I've created a gif controller so I have a page I can secure later. 
         # This is optional (as is the root to: above).
         get '/cool' => 'gif#cool'
+        get '/sweet' => 'gif#sweet'
 
         # These routes will be for signup. The first renders a form in the browse, the second will 
         # receive the form and create a user in our database using the data given to us by the user.

diff --git a/simple_auth.md b/simple_auth.md
@@ -245,10 +245,10 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
 15. Add a ``` before_filter ``` to any controller that you want to secure. This will force user's to login before they can see the actions in this controller. I've created a gif controller below which I'm going to secure.
 
-```ruby
-   # app/controllers/gif_controller.rb
+    ```ruby
+    # app/controllers/gif_controller.rb
 
-   class GifController < ApplicationController
+    class GifController < ApplicationController
 
       before_filter :authorize
 
@@ -259,7 +259,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       end
 
     end
-   ```
+    ```
 
 16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -263,8 +263,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
 16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
 
-   ```html+erb
-   <!DOCTYPE html>
+    ```html+erb
+    <!DOCTYPE html>
     <html>
     <head>
       <title>GifVault</title>
@@ -285,4 +285,4 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     </body>
     </html>
-   ```
+    ```
diff --git a/simple_auth.md b/simple_auth.md
@@ -259,7 +259,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       end
 
     end
-```
+   ```
 
 16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -263,7 +263,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
 16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
 
-   ```ruby
+   ```html+erb
    <!DOCTYPE html>
     <html>
     <head>

diff --git a/simple_auth.md b/simple_auth.md
@@ -285,4 +285,4 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     </body>
     </html>
-   ```
+   ```
diff --git a/simple_auth.md b/simple_auth.md
@@ -259,4 +259,30 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       end
 
     end
-```
+```
+
+16. You can update your application layout file to show the user's name if they're logged in and some contextual links.
+
+   ```ruby
+   <!DOCTYPE html>
+    <html>
+    <head>
+      <title>GifVault</title>
+      <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
+      <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+      <%= csrf_meta_tags %>
+    </head>
+    <body>
+
+    # added these lines.
+    <% if current_user %>
+      Signed in as <%= current_user.name %> | <%= link_to "Logout", '/logout' %>
+    <% else %>
+      <%= link_to 'Login', '/login' %> | <%= link_to 'Signup', '/signup' %>
+    <% end %>
+
+    <%= yield %>
+
+    </body>
+    </html>
+   ```
diff --git a/simple_auth.md b/simple_auth.md
@@ -22,6 +22,10 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
         # This route sends requests to our naked url to the *cool* action in the *gif* controller.
         root to: 'gif#cool'
+
+        # I've created a gif controller so I have a page I can secure later. 
+        # This is optional (as is the root to: above).
+        get '/cool' => 'gif#cool'
 
         # These routes will be for signup. The first renders a form in the browse, the second will 
         # receive the form and create a user in our database using the data given to us by the user.
@@ -60,7 +64,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 5. Now create the view file where we put the signup form. 
 
     ```html+erb
-    # app/views/users/new.html.erb
+    <!-- app/views/users/new.html.erb -->
     
     <h1>Signup!</h1>
 
@@ -103,7 +107,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
   end
     ```
 
-7. Go to your Gemfile and uncomment the 'bcrypt' gem.
+7. Go to your Gemfile and uncomment the 'bcrypt' gem. We need bcrypt to securely store passwords in our database. 
 
     ```ruby
     source 'https://rubygems.org'
@@ -136,7 +140,10 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     ```
 
 9. Run ``` bundle install ``` from the terminal then restart your rails server.
-10. Create a sessions controller.
+
+   *Note:* Windows users might have issues with bcrypt. If so, copy the error into Google and look for answers on Stack Overflow. There is documentation online for how to fix Windows so the bcrypt works.
+
+10. Create a sessions controller. This is where we create (aka login) and destroy (aka logout) sessions.
 
     ```ruby
     # app/controllers/sessions_controller.rb
@@ -178,6 +185,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
       root to: 'gif#cool'
 
+      # these routes are for showing users a login form, logging them in, and logging them out.
       get '/login' => 'sessions#new'
       post '/login' => 'sessions#create'
       get '/logout' => 'sessions#destroy'
@@ -195,12 +203,14 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     
       def create
         user = User.find_by_email(params[:email])
-        # if the user exists AND the password entered is correct
+        # If the user exists AND the password entered is correct.
         if user && user.authenticate(params[:password])
-          # save the user id inside the browser cookie. This is how we keep the user logged in when they navigate around our website.
+          # Save the user id inside the browser cookie. This is how we keep the user 
+          # logged in when they navigate around our website.
           session[:user_id] = user.id
           redirect_to '/'
         else
+        # If user's login doesn't work, send them back to the login form.
           redirect_to '/login'
         end
       end
@@ -211,7 +221,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
       end
     ```
 
-14. Update the application controller with new methods to set the current_user if cookies work and to authorize.
+14. Update the application controller with new methods to look up the user, if they're logged in, and save their user object to a variable called current\_user. The ``` helper_method ``` line below current\_user allows us to use ``` current_user ``` in our view files. Authorize is for sending someone to the login page if they aren't logged in - this is how we keep certain pages our site secure... user's have to login before seeing them.
 
     ```ruby
     # app/controllers/application_controller.rb
@@ -232,3 +242,21 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     end
     ```
+
+15. Add a ``` before_filter ``` to any controller that you want to secure. This will force user's to login before they can see the actions in this controller. I've created a gif controller below which I'm going to secure.
+
+```ruby
+   # app/controllers/gif_controller.rb
+
+   class GifController < ApplicationController
+
+      before_filter :authorize
+
+      def cool
+      end
+
+      def free
+      end
+
+    end
+```
diff --git a/simple_auth.md b/simple_auth.md
@@ -103,19 +103,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
   end
     ```
 
-7. Go to the User model file and add ``` has_secure_password ```.
-
-    ```ruby
-    # app/models/user.rb
-        
-    class User < ActiveRecord::Base
-
-      has_secure_password
-
-    end
-    ```
-
-8. Go to your Gemfile and uncomment the 'bcrypt' gem.
+7. Go to your Gemfile and uncomment the 'bcrypt' gem.
 
     ```ruby
     source 'https://rubygems.org'
@@ -135,6 +123,18 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     
     ```
 
+7. Go to the User model file and add ``` has_secure_password ```. This is the line of code that gives our User model authentication methods via bcrypt.
+
+    ```ruby
+    # app/models/user.rb
+        
+    class User < ActiveRecord::Base
+
+      has_secure_password
+
+    end
+    ```
+
 9. Run ``` bundle install ``` from the terminal then restart your rails server.
 10. Create a sessions controller.
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -107,7 +107,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     ```ruby
     # app/models/user.rb
-    
+        
     class User < ActiveRecord::Base
 
       has_secure_password

diff --git a/simple_auth.md b/simple_auth.md
@@ -41,7 +41,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     end
     ```
 
-4. Add a *new* action (for rendering the signup form) and a *create* action (for receiving the form and creating a user with the form's parameters.): 
+4. Add a **new** action (for rendering the signup form) and a **create** action (for receiving the form and creating a user with the form's parameters.): 
 
     ```ruby
     # app/controllers/users_controller.rb
@@ -74,11 +74,11 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     <% end %>
     ```
-   *A note on Rail's conventions:* This view file is for the *new* action of the *users controller*. As a result, we save the file here: ``` /app/views/users/new.html.erb ```. The file is called *new*.html.erb and it is saved inside the views folder, in a folder we created called *users*. 
+   *A note on Rail's conventions:* This view file is for the **new** action of the **users controller**. As a result, we save the file here: ``` /app/views/users/new.html.erb ```. The file is called **new**.html.erb and it is saved inside the views folder, in a folder we created called **users**. 
 
    That's the convention: view files are inside a folder with the same name as the controller and are named for the action they render.
     
-6. Add logic to create action and create the private user_params method to sanitize the input from the form (this is a new Rails 4 thing and it's required).
+6. Add logic to **create** action and add the private ``` user_params ``` method to sanitize the input from the form (this is a new Rails 4 thing and it's required). You might need to adjust the parameters inside the ``` .permit() ``` method based on how you setup your User model.
 
     ```ruby
   class UsersController < ApplicationController

diff --git a/simple_auth.md b/simple_auth.md
@@ -41,7 +41,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     end
     ```
 
-4. Add a *new* action (for redering the signup form) and a *create* action (for receiving the form and creating a user with the form's parameters.): 
+4. Add a *new* action (for rendering the signup form) and a *create* action (for receiving the form and creating a user with the form's parameters.): 
 
     ```ruby
     # app/controllers/users_controller.rb
@@ -57,7 +57,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     end
     ```
     
-5. Now create the view file where we put our signup form.
+5. Now create the view file where we put the signup form. 
 
     ```html+erb
     # app/views/users/new.html.erb
@@ -74,6 +74,9 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     <% end %>
     ```
+   *A note on Rail's conventions:* This view file is for the *new* action of the *users controller*. As a result, we save the file here: ``` /app/views/users/new.html.erb ```. The file is called *new*.html.erb and it is saved inside the views folder, in a folder we created called *users*. 
+
+   That's the convention: view files are inside a folder with the same name as the controller and are named for the action they render.
     
 6. Add logic to create action and create the private user_params method to sanitize the input from the form (this is a new Rails 4 thing and it's required).
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -41,7 +41,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
     end
     ```
 
-4. Add a new action (for the signup form) and a create action (for the form to post to - the logic to create new users goes here): 
+4. Add a *new* action (for redering the signup form) and a *create* action (for receiving the form and creating a user with the form's parameters.): 
 
     ```ruby
     # app/controllers/users_controller.rb

diff --git a/simple_auth.md b/simple_auth.md
@@ -11,7 +11,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
 1. Create a user model with a name, email and password\_digest (all strings) by entering the following command into the command line: ``` rails generate model user name email password_digest ```. 
 
-    Note: IF you already have a user model or you're going to use a different model for authentication, that model must have an attribute names password\_digest and some kind of attribute to identify the user (like an email or a username).
+    *Note:* If you already have a user model or you're going to use a different model for authentication, that model must have an attribute names password\_digest and some kind of attribute to identify the user (like an email or a username).
 2. Run ``` rake db:migrate ``` in the command line to migrate the database.
 3. Add these routes below to your routes.rb file. Notice I also deleted all the comments inside that file. Don't forget to leave the trailing ``` end ```, though.
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -13,7 +13,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 
     Note: IF you already have a user model or you're going to use a different model for authentication, that model must have an attribute names password\_digest and some kind of attribute to identify the user (like an email or a username).
 2. Run ``` rake db:migrate ``` in the command line to migrate the database.
-3. Add these routes below to your routes.rb file. Notice I also deleted all the comments inside that file (don't forget to leave the trailing ``` end ```, though.
+3. Add these routes below to your routes.rb file. Notice I also deleted all the comments inside that file. Don't forget to leave the trailing ``` end ```, though.
 
     ```ruby
     # config/routes.rb

diff --git a/simple_auth.md b/simple_auth.md
@@ -34,6 +34,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 3. Create a users controller: 
 
     ```ruby
+    # app/controllers/users_controller.rb
+    
     class UsersController < ApplicationController
 
     end
@@ -42,6 +44,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 4. Add a new action (for the signup form) and a create action (for the form to post to - the logic to create new users goes here): 
 
     ```ruby
+    # app/controllers/users_controller.rb
+    
     class UsersController < ApplicationController
 
         def new
@@ -56,7 +60,7 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 5. Now create the view file where we put our signup form.
 
     ```html+erb
-    # at app/views/users/new.html.erb
+    # app/views/users/new.html.erb
     
     <h1>Signup!</h1>
 

diff --git a/simple_auth.md b/simple_auth.md
@@ -16,6 +16,8 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
 3. Add these routes below to your routes.rb file. Notice I also deleted all the comments inside that file (don't forget to leave the trailing ``` end ```, though.
 
     ```ruby
+    # config/routes.rb
+
     GifVault::Application.routes.draw do
 
         # This route sends requests to our naked url to the *cool* action in the *gif* controller.
-Original file line number
+Diff line change
@@ -285,4 +285,4 @@ You can see the final source code here: [repo](https://github.com/thebucknerlife
         </body>
         </html>
-       ```
+       ```
No results found