Otherwise you can hit /signup to register an account!
Then log out by going to /logout, and try logging back in at /login.
We will store ten latest passwords in the users table. The idea is to iterate through the stored password salts and encrypt the current password with them using the authlogic mechanism, and then check if the resulting crypted password is already present in the password_repeated?
When building a web app, one of the first features you usually add is the ability for users to register and log in to see their data linked with their personal account.
" redirect_back_or_default account_url(@current_user) else render :action = [:show, :edit, :update] def new @user = end def create @user = User.new(params[:user]) # Saving without session maintenance to skip # auto-login which can't happen here because # the User has not yet been activated if @flash[:notice] = "Your account has been created." redirect_to signup_url else flash[:notice] = "There was a problem creating you." render :action = :new end end def show @user = current_user end def edit @user = current_user end def update @user = current_user # makes our views "cleaner" and more consistent if @user.update_attributes(params[:user]) flash[:notice] = "Account updated!
" redirect_to account_url else render :action = user_sessions GET /user_sessions(.:format) POST /user_sessions(.:format) new_user_session GET /user_sessions/new(.:format) edit_user_session GET /user_sessions/:id/edit(.:format) user_session GET /user_sessions/:id(.:format) PUT /user_sessions/:id(.:format) DELETE /user_sessions/:id(.:format) login /login(.:format) logout /logout(.:format) users GET /users(.:format) POST /users(.:format) new_user GET /users/new(.:format) edit_user GET /users/:id/edit(.:format) user GET /users/:id(.:format) PUT /users/:id(.:format) DELETE /users/:id(.:format) account POST /user(.:format) new_account GET /user/new(.:format) edit_account GET /user/edit(.:format) GET /user(.:format) PUT /user(.:format) DELETE /user(.:format) signup /signup(.:format) root / Visit – default root path set to signup.
Let’s now see the actual implementation of this new @Autowired private IUser Service service; @Request Mapping(value = "/regitration Confirm", method = Request Method.
GET) public String confirm Registration (Web Request request, Model model, @Request Param("token") String token) We’ll defer the generation of a new token for a future article and assume that the user does indeed successfully verify their token here.