Authenticating Users Lab

Learning Goals

Use the session hash to log in a user

Introduction

In this lab, we'll continue working on the blog site and set up a basic login feature.

There is some starter code in place for a Rails API backend and a React frontend. To get set up, run:

$ bundle install
$ rails db:migrate db:seed
$ npm install --prefix client

You can work on this lab by running the tests with learn test. It will also be helpful to see what's happening during the request/response cycle by running the app in the browser. You can run the Rails server with:

$ rails s

And you can run React in another terminal with:

$ npm start --prefix client

You don't have to make any changes to the React code to get this lab working.

Instructions

For our basic login feature, we'll need the following functionality:

A user can log in by providing their username in a form
A user can log out
A user can remain logged in, even after refreshing the page

We'll need to create the routes and controller methods to handle each of these features. Let's get started!

Sessions

Generate these routes:
- POST /login: run the SessionsController#create method
- DELETE /logout: run the SessionsController#destroy method
Create a sessions controller.
- Note: If you use the generators to generate your controllers, be sure to pass the --no-test-framework flag to avoid generating unneeded files: rails g controller Sessions --no-test-framework
Make a SessionsController#create method. It should:
- Find a user in the database using the username from params
- Save the user's ID to the session hash
- Return the user as a JSON object
Make a SessionsController#destroy method. It should:
- Remove the user ID from the session hash
- Return an empty response with a 204 No Content status code

Users