Rails 6 API Tutorial - Using has_secure_password for Authentication p.22

Показать описание

In this video series we will build a Rails API from scratch. Backend APIs are useful for serving data to frontend applications, mobile apps or other backend services.

This video covers:
00:00 - Introduction
00:38 - Adding a new password field
01:32 - Using has_secure_password
01:52 - Using bcrypt for the hashing algorithm
02:58 - Adding a password_digest field
03:54 - Adding has_secure_password to the User model
04:23 - Testing user passwords in the rails console
05:15 - Updating authentication specs with the new password field
06:50 - Adding a new test case for when password is invalid
08:50 - Adding logic to check the user's password, to the authentication controller
10:22 - Adding an AuthenticationError class
11:25 - Rescuing AuthenticationError with rescue_from and returning a 401 (unauthorized) status code
12:56 - Tidying up the controller
14:24 - Testing with cURL
16:35 - Some thoughts on other Rails authentication frameworks

Рекомендации по теме

Комментарии

Another great video. Three thumbs up for TDD through it.

Amplifity

Your tutorials are amazing, I have learned a whole lot from them, the TDD makes it even clearer. You're the best

acushlakoncepts

Thanks man, this series helped me a lot ❤

ahmedmustafa

This tutorial is so great. I will definitely post it on my LinkedIn.

Олексій-Куц

Very nice, but I dare say that rails does not decode the hash, but encode the input password with a hash function and compare it with the hash in the database. Hash functions are designed in such a way that there is a very small chance that the encoded hashes will match. (Sorry for my bad English)

cssex

Great series! You should do Udemy courses. BTW how do you recommend to invalidate tokens? A blocklist?

darkpill

Great video and series. But I think if the user is nil, the app will crash 500. You need the &. after user in "raise AuthenticationError unless

coop

JWT Token is random each time, how can there by an equality test?

ryanb

Rails 6 API Tutorial - Using has_secure_password for Authentication p.22

Rails 6 API Tutorial - Create project and routing p.1

Rails 6 API Tutorial - Basic controllers and models p.2

Rails 6 API Tutorial - Finding the user and adding their ID to the JWT payload p.21

Rails 6 API Tutorial - Namespacing and versioning p.8

Rails 6 API Tutorial - Creating Multiple Records in Controllers p.13

Rails 6 API Tutorial - Authentication with JWT Intro p.18

Rails 6 API Tutorial - API Response Body Specs & Using Spec Helpers p.14

Rails 6 API Tutorial - Securing API Endpoints with the Authentication Bearer Header p.23

Rails 6 API Tutorial - HTTP Status Codes p.4

Rails 6 API Tutorial - Testing Active Job with RSpec p.17

Rails 6 API Tutorial - API Tests with RSpec p.9

Rails 6 API Tutorial - Active Job For Time Intensive Operations p.16

Rails 6 API Tutorial - JWT Authentication Service p.20

Rails 6 API Tutorial - Fixing authentication specs and improving the codebase p.24

Rails 6 API Tutorial - Exception handling in controllers p.7

Rails 6 API Tutorial - Destroy Controller Action p.6

Rails 6 API Tutorial - Building an Authentication Endpoint p.19

Learn Ruby on Rails - Full Course

Rails 6 API Tutorial - Using has_secure_password for Authentication p.22

Rails 6 API Tutorial - API Pagination p.15

Rails 6 for Beginners Part 33: Twitter API

Rails 6 API Tutorial - RSpec API Tests POST/DELETE p.10

Create Your First API Using Rails 6 And Serve It To A Javascript API User | Week 4 Part 1 - 20in20

Rails 6 API Tutorial - Model Associations p.11