Rails User Authentication using Devise - NikitaDouglas/acebook-Kindred GitHub Wiki

This page lists the steps we took to install and use the 'devise' gem to implement user authentication in our Kindred Acebook.

Ticket requirements:

When a user hasn't signed up and visits the index of the application:

  • if they visit another URL, they are redirected to the index
  • they can see a sign up page which prompts them to enter in their email address and password.
  • they can only enter valid emails, otherwise they see helpful information to indicate why the email was not valid
  • they can only enter passwords between 6-10 characters, otherwise they see helpful information to indicate why the password was not valid
  • When they submit their details, they are logged in and redirected to their posts page with a message saying they were successful signing up

Learnt:

  • Devise
  • location of gem in gemfile should be .....
  • location of config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } should be ....

Gem setup:

Visit the Devise getting started instructions and follow the steps, which are also summarised below:

Add gem 'devise' to your Gemfile in a global position.

Then run bundle install.

Next, you need to run the generator:

$ rails generate devise:install

At this point, a number of instructions will appear in the console. Among these instructions, you'll need to set up the default URL options for the Devise mailer in each environment. Here is a possible configuration for config/environments/development.rb:

config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }

After running $ rails generate devise:install, you should see the following instructions in the terminal. Follow these steps:

 1.  Ensure you have defined default url options in your environments files. Here
     is an example of default_url_options appropriate for a development environment
     in config/environments/development.rb:

       config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }

     In production, :host should be set to the actual host of your application.

     * Required for all applications. *

 2. Ensure you have defined root_url to *something* in your config/routes.rb.
     For example:

       root to: "home#index"
     
     * Not required for API-only Applications *

 3. Ensure you have flash messages in app/views/layouts/application.html.erb.
     For example:

       <p class="notice"><%= notice %></p>
       <p class="alert"><%= alert %></p>

     * Not required for API-only Applications *

 4. You can copy Devise views (for customization) to your app by running:

       rails g devise:views

Next, create the model for Devise, which in this instance should be the User class. Run rails generate devise User.

Then run rails db:migrate to update the database.

Run rake db:migrate db:test:prepare to make sure the test database is also updated.

Then add the following block of code within the ApplicationController in application_controller.rb:

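  # Raise an exception when a request fails CSRF token verification
  protect_from_forgery with: :exception

  # Redirect unauthenticated requests to the sign-in page
  # (Devise's own controllers are exempt from this check)
  before_action :authenticate_user!

  protected

  # Devise calls this after a successful sign-in to choose the redirect target
  def after_sign_in_path_for(_resource)
    '/posts'
  end

  # Empty method; inside controllers it takes precedence over the
  # Devise route helper of the same name
  def destroy_user_session_path; end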

This does several things:

  1. Makes sure users' passwords are securely encrypted
  2. Makes sure only signed-in and authenticated users can perform any of the other actions listed in any other controllers
  3. After signing in (which occurs automatically upon sign-up), the user is automatically redirected to '/posts'
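
The ticket's email and password rules correspond to two settings in config/initializers/devise.rb, password_length (6..128 in the generated file) and email_regexp, which Devise's :validatable module enforces on the User model. The following is an added example, not code from this project: a plain-Ruby model of those two checks using the ticket's 6..10 range, where signup_errors is a hypothetical helper and the sample inputs are constructed.

```ruby
# Added example: plain-Ruby model of the ticket's sign-up rules.
# In the app itself the same limits are set in config/initializers/devise.rb:
#   config.password_length = 6..10
#   config.email_regexp    = /\A[^@\s]+@[^@\s]+\z/   # Devise's default pattern
# and enforced by Devise's :validatable module on the User model.

PASSWORD_LENGTH = (6..10).freeze           # range required by the ticket
EMAIL_REGEXP    = /\A[^@\s]+@[^@\s]+\z/    # Devise's default email pattern

# Hypothetical helper: returns a hash of field => [messages], empty when valid.
# Message wording follows Rails' default validation messages.
def signup_errors(email:, password:)
  errors = Hash.new { |hash, key| hash[key] = [] }

  if email.nil? || email.strip.empty?
    errors[:email] << "can't be blank"
  elsif !EMAIL_REGEXP.match?(email)
    errors[:email] << "is invalid"
  end

  if password.nil? || password.empty?
    errors[:password] << "can't be blank"
  elsif password.length < PASSWORD_LENGTH.min
    errors[:password] << "is too short (minimum is #{PASSWORD_LENGTH.min} characters)"
  elsif password.length > PASSWORD_LENGTH.max
    errors[:password] << "is too long (maximum is #{PASSWORD_LENGTH.max} characters)"
  end

  errors
end

# Constructed sample sign-up attempts, including both length boundaries.
if __FILE__ == $PROGRAM_NAME
  [
    ["kin@example.com", "secret"],        # 6 characters: accepted
    ["kin@example.com", "tenletters"],    # 10 characters: accepted
    ["kin@example.com", "short"],         # 5 characters: rejected
    ["kin@example.com", "elevenchars"],   # 11 characters: rejected
    ["not-an-email",    "secret1"],       # no @: rejected
    ["two words@x.com", "secret1"]        # whitespace: rejected
  ].each do |email, password|
    errors = signup_errors(email: email, password: password)
    puts "#{email.inspect} / #{password.length} chars => #{errors.empty? ? 'ok' : errors.to_h}"
  end
end
```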

Still to close out:

  • production env, :host port integration with Heroku
  • interaction with Travis
  • test database/env