In these projects, you’ll be working to implement authentication systems so users can only access areas of a site they are authorized to.
In this project you’ll follow along to Andy Leverenz’s brilliant Building a Twitter Clone screen casts. You’ll be building a light weight version of Twitter and get lot of healthy experience with using Devise in the process.
In this project, you’ll be building an exclusive clubhouse where your members can write anonymous posts. Inside the clubhouse, members can see who the author of a post is but, outside, they can only see the story and wonder who wrote it.
If you want to add your own stylistic flourishes, consider it extra credit.
The projects will be less and less explicit about how to achieve their goals, since we expect you to build on your previous knowledge. If you don’t know how to do something, feel free to check back in previous lessons or projects or Google the correct way to implement it (though be careful, because that may take you deeper down the road than we intended).
If you’d like to challenge yourself, don’t even follow the steps below, just go ahead and build the app!
members-onlyRails app and GitHub repo. Update your README.
note: At the time of writing, Devise and Turbo Drive don’t play nicely together. When using devise with Turbo Drive you have two options. Either you can generate the devise views to your local app (covered in the devise README) and then for each view with a form disable turbo drive by adding the data attribute. This is time consuming but simple to follow. The other way is to create a custom controller to handle this and then use devise for that. This GoRails episode covers how you’d do that. You might not understand everything being done but it’s a quicker solution. Hopefully Devise will be Rails 7 Turbo compatible by the time you read this
Let’s build those secrets! We’ll need to make sure only signed in users can see the author of each post. We’re not going to worry about editing or deleting posts.
[:new, :create, :index]methods.
#before_actionto restrict access to the
#createmethods to only users who are signed in.
app/views/posts/new.html.erbview which will create a new Post.
#createaction build a post where the foreign key for the author (e.g.
user_id) is automatically populated based on whichever user is signed in. Redirect to the Index view if successful.
#indexaction of the PostsController and create the corresponding view. The view should show a list of every post.
This section contains helpful links to other content. It isn’t required, so consider it supplemental.