The application I'm creating works like this:
There is an account (a company)
Users belong to the Account (company)
So when somebody wants to sign up and create an account, it should
create an account, then create a user.
username(User)
password(Users)
company(Account)
So I created a Signup controller. I want to add validation but I don't
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.
class SignupController < ApplicationController
def new
@account = Account.new
@user = User.new
respond_to do |format|
format.html # new.html.erb
end
The application I'm creating works like this:
There is an account (a company)
Users belong to the Account (company)
So when somebody wants to sign up and create an account, it should
create an account, then create a user.
username(User)
password(Users)
company(Account)
Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.
So I created a Signup controller. I want to add validation but I don't
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.
So? You still need models.
class SignupController < ApplicationController
[...]
Do you have a question here? I'm not sure I understand why you're
posting.
Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.
Nope, I'm using a digest sha2 password with salt. I'll take a look at
Authlogic.
So? You still need models.
You mean, a model that references other models?
Do you have a question here? I'm not sure I understand why you're
posting.
Sorry, forgot the question, the question of course was: what's the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?
Is your question how to add validation? When you say you don't have a
model I presume you mean you do not have a Signup model. The
validations go with the model that you are writing to so the
validations will be on the User and Account models. Then when you try
to save them they will fail so you can take appropriate action.
However, as Marnen has said, if you want authentication then I also
suggest looking at Authlogic unless you are just doing this as an
exercise. There are a lot of pitfalls in authentication that are easy
to fall into and it is an area of the site that can give you big
problems if it is not secure. There is also devise that has had some
publicity lately but I have not tried it.
Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.
Nope, I'm using a digest sha2 password with salt.
That's orthogonal to whether you're using an authentication library.
I'll take a look at
Authlogic.
Do. Particularly as a beginner, you don't want to implement your own
authentication system when so many other people have already done it.
So? You still need models.
You mean, a model that references other models?
Huh? You seemed to be saying you didn't have User and Account models.
Do you have a question here? I'm not sure I understand why you're
posting.
Sorry, forgot the question, the question of course was: what's the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?
Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.
Huh? You seemed to be saying you didn't have User and Account models.
Yes, I do. According to Colin, the validation will be taken from User
and Account models.
Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.
The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.
Huh? You seemed to be saying you didn't have User and Account models.
Yes, I do. According to Colin, the validation will be taken from User
and Account models.
What should be getting validated?
Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.
The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.
Account has many Users
User belongs to Account
Then yeah, you need both classes. It wasn't obvious from the code you
posted.
Make sure an username, password and email have been entered and such.
About the form, I was using form_tag and then realized the form is not
connected to any class. How can I connect the form to two different
classes? For example: company_name field to Account class and
username/password to User class?
Any decent authentication system will do this for you, for free.
I have used Devise on three separate projects lately, and it is rock-solid and easy to apply to an existing project or to design around. If you like the look of the stock views, you don't even need to do anything extra.
If you want to fiddle, you can ask it to generate a full set of views and fuss with every line-break and what-else. Watch the Railscast. You'll be kicking yourself for wanting to build it from scratch.
Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.
Am I misunderstanding?
Yes, a little bit Like I said above...
"The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application."
Account has many Users
User belongs to Account
Think of the Account class as a Company class or a Business class. The
users belong to the Account, Business or Company (whatever you want to
call it). Let's say the account is like the company, and it contains
address, website, phone, fax.
So when somebody opens up an account using the sign up form it fills out
fields like this:
*First name (User class)
*Last name (User class)
*Company (Account class)
*Username (User class)
*Password (User class)
*Application Address http://______.application.com (Account class)
So I created a Signup controller. When submitting the sign up form, both
an Account object and an User object have to be created. Since User
belongs to Account. The newly created account.id has to be entered in
user.account_id
That's why I'm saying that I have to create an Account and a User using
the same controller and reference the User to the Account.
Also built in.
You can add Devise to an existing model, and it just works. Or use the
devise generator to make a new model with all the trimmings.
For sure will take a look at it tomorrow early morning
Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.
Am I misunderstanding?
Yes, a little bit Like I said above...
"The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application."
You really want to use Devise and Devise Invitable for this. You just described the last site I built with this combination EXACTLY, and the one before that almost the same (restricted invitations to members of the Sales team). There is one User model, with Devise and Invitable in it. Practices (it's a medical device site) are validated to have a unique name. The first User to register a Practice becomes its owner, and can then access the invitation page to send keys to other people by entering their e-mail address. But I didn't have to make any extra controllers for this, just follow the fall-line of the Devise and invitable instructions. When I wanted additional fields in my database, I just rolled a new migration and modified the views. Everything else was taken care of for me.
That's exactly what it's for. Instead of just handling the authentication side of things at a back-end level, it creates a complete login, logout, forgot my password, remember me on this computer, etc. system for you. There are about a dozen different things you can enable or disable in your devise call in the model, and there are tons of third-party add-ons you can install (like Invitable) that do specific things you might need, like authenticate against Facebook (ewww) or whatever your heart or client desires. If you use the rake task to unpack the views, you'll see that it makes a whole flotilla of views for you, and anything you do to those (and the db, naturally) will just magically work for you. You don't have to unpack them if you don't want to, but it helps to see what goes where.
Ok so I read the introductory documentation for Devise. I'm going to
create an Admin controller too. What I can't find out though, I have
googled it several times too, is how to apply a Layout file for a
specific method of the same Class.
For example, the User class: the sign up, sign in and index methods are
supposed to have different layouts.
The sign up should be a page with just a no-link logo and just the form
so I won't distract the user from signing up.
The sign in also a very basic for asking for username and password.
The index is supposed to be displayed AFTER the user has logged in and
he can be able to see a list of users.
You get the idea.
I had read that Rails looks for a specific class layout and if it
doesn't find it, it goes for application.html.erb I tried adding layout
files in the layout directory users.html.erb sessions.html.erb but it
doesn't work. So how can I setup the different layouts?
You might want to ask on the Devise list, I haven't done anything quite like this before, but you're right -- it is probably something that just works.