Bare Guidelines For Setting Up Auth With Revisions Based on Comments using Ruby on Rails And Vanilla JS
rails new --api -d=postgresql backend_auth_1st_attempt
uncomment bcrypt in your Gemfile
bundle add jwt to add jwt to your back end directory
run bundle install
create the user with rails g resource: username, email, password digest
rails g resource user username email password:digest
rails d resource
password:digest should generate has_secure_password in your user model, and rails magic shows t.string :password_digest in your migration table. you better not set password_digest when you create your seeds
rails db:create db:migrate
test - seed and console
User.create(username: "", password: "")
setup index
rails g controller
check your rails routes
you should have an authentication#login route, so that a POST to login reaches the login action within your authentication controller
you should also have your users controller in your routes, with the profile action (users#profile) as a GET
you want to create an authentication controller
require 'jwt'
you'll also want to save the token created by the authentication controller to local storage.
whenever the page loads you'll want to check whether local storage has a token in it.
if a token does exist, you'll want to pass it over to the users controller: send it to the backend to be decoded, and return the payload of the decoded token, which was probably the user that was stored within that token.
mkdir frontendAuth
cd frontendAuth
touch index.html app.js app.css
rails new --api -d=postgresql backendAuth
command + p gemfile
command + p cors.rb
rails g resource user username email password:digest
password:digest will make it so the user model 'has_secure_password'
it will also generate the password as password_digest in the migration table and schema, to assist with the login action and profile action created in the authentication controller and users controller respectively.
rails g controller authentication
in your routes:
post "login", to: 'authentication#login'
get 'profile', to: 'users#profile'
rails routes
def login
  username = params[:user][:username]
  password = params[:user][:password]
  # ?? email = params[:user][:email]
  @user = User.find_by(username: username)
  # ?? @user = User.find_by(username: username, email: email)
  if !@user
    # unknown username: respond with the status only, no body
    head :unauthorized
  elsif !@user.authenticate(password)
    # wrong password: same response as an unknown username
    head :unauthorized
  else
    # sign the token with the app's secret key base
    secret_key = Rails.application.secret_key_base
    token = JWT.encode({
      user_name: @user.username,
    }, secret_key, 'HS256')
    render json: {
      token: token
    }
  end
end
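What the backend has to check when the front end sends the stored token back for the profile action, as an added example that is not part of the original post. It uses only Ruby's standard library as a stand-in for the jwt gem's JWT.encode / JWT.decode and goes beyond the post by adding an expiry; the helper names, the "Bearer" header format, the exp claim and SAMPLE_SECRET are assumptions.

```ruby
require "openssl"
require "base64"
require "json"

# Standard-library stand-in for JWT.encode / JWT.decode (HS256 only), so the
# checks a profile action depends on are visible. Helper names are hypothetical.
SAMPLE_SECRET = "constructed-sample-secret" # constructed value, not a real key

def b64(data)
  Base64.urlsafe_encode64(data, padding: false)
end

def sign(signing_input, secret)
  b64(OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), secret, signing_input))
end

# Issue a token like the login action does, plus an exp claim (an addition:
# the token built in the post carries no expiry).
def issue_token(username, secret, ttl: 3600, now: Time.now.to_i)
  header  = b64(JSON.generate({ alg: "HS256", typ: "JWT" }))
  payload = b64(JSON.generate({ user_name: username, exp: now + ttl }))
  "#{header}.#{payload}.#{sign("#{header}.#{payload}", secret)}"
end

# Return the claims hash for a valid "Bearer <token>" Authorization value,
# or nil when the token must be rejected.
def verify_token(authorization, secret, now: Time.now.to_i)
  scheme, token = authorization.to_s.split(" ", 2)
  return nil unless scheme == "Bearer" && token

  parts = token.split(".", -1)
  return nil unless parts.size == 3
  header, payload, signature = parts

  # Pin the algorithm; never let the token's own header pick it.
  head = JSON.parse(Base64.urlsafe_decode64(header))
  return nil unless head.is_a?(Hash) && head["alg"] == "HS256"

  # Recompute the HMAC and compare in constant time.
  return nil unless OpenSSL.secure_compare(sign("#{header}.#{payload}", secret), signature)

  claims = JSON.parse(Base64.urlsafe_decode64(payload))
  return nil unless claims.is_a?(Hash) && claims["exp"].is_a?(Integer) && claims["exp"] > now
  claims
rescue JSON::ParserError, ArgumentError
  nil
end
```

In the Rails app the same decision maps to the profile action: a nil result means responding with unauthorized, and a claims hash means looking the user up by user_name.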