Sign up (create account, create user)

The application I'm creating works like this:
There is an account (a company)
Users belong to the Account (company)

So when somebody wants to sign up and create an account, it should
create an account, then create a user.

username(User)
password(Users)
company(Account)

So I created a Signup controller. I want to add validation but I don't
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.

class SignupController < ApplicationController
  def new
    @account = Account.new
    @user = User.new

    respond_to do |format|
      format.html # new.html.erb
    end

  end

  def create
    @account = Account.new(params[:account])

    respond_to do |format|

    if @account.save
      format.html { redirect_to(@account, :notice => 'Account was
successfully created.') }
      @user = User.new(params[:user])
      @user.account_id = @account.id
      if @user.save
        format.html { redirect_to(@user, :notice => 'User was
successfully created.') }
      else
        # user wasn't saved
        format.html { render :action => "new" }
      end
    else
      # account wasn't saved
      format.html { render :action => "new" }
    end
    end
  end

end

Leonel *.* wrote in post #955883:

The application I'm creating works like this:
There is an account (a company)
Users belong to the Account (company)

So when somebody wants to sign up and create an account, it should
create an account, then create a user.

username(User)
password(Users)
company(Account)

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.

So I created a Signup controller. I want to add validation but I don't
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.

So? You still need models.

class SignupController < ApplicationController

[...]

Do you have a question here? I'm not sure I understand why you're
posting.

Best,

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.

Nope, I'm using a digest sha2 password with salt. I'll take a look at
Authlogic.

So? You still need models.

You mean, a model that references other models?

Do you have a question here? I'm not sure I understand why you're
posting.

Sorry, forgot the question, the question of course was: what's the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?

Is your question how to add validation? When you say you don't have a
model I presume you mean you do not have a Signup model. The
validations go with the model that you are writing to so the
validations will be on the User and Account models. Then when you try
to save them they will fail so you can take appropriate action.

However, as Marnen has said, if you want authentication then I also
suggest looking at Authlogic unless you are just doing this as an
exercise. There are a lot of pitfalls in authentication that are easy
to fall into and it is an area of the site that can give you big
problems if it is not secure. There is also devise that has had some
publicity lately but I have not tried it.

Colin

Leonel *.* wrote in post #955895:

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.

Nope, I'm using a digest sha2 password with salt.

That's orthogonal to whether you're using an authentication library.

I'll take a look at
Authlogic.

Do. Particularly as a beginner, you don't want to implement your own
authentication system when so many other people have already done it.

So? You still need models.

You mean, a model that references other models?

Huh? You seemed to be saying you didn't have User and Account models.

Do you have a question here? I'm not sure I understand why you're
posting.

Sorry, forgot the question, the question of course was: what's the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?

Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.

Best,

So? You still need models.

You mean, a model that references other models?

Huh? You seemed to be saying you didn't have User and Account models.

Yes, I do. According to Colin, the validation will be taken from User
and Account models.

Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.

The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.

Account has many Users
User belongs to Account

Leonel *.* wrote in post #955920:

So? You still need models.

You mean, a model that references other models?

Huh? You seemed to be saying you didn't have User and Account models.

Yes, I do. According to Colin, the validation will be taken from User
and Account models.

What should be getting validated?

Why do you need both User and Account? From the logic you posted, it
looks like they're always going to be in a 1:1 relationship, which means
you only need one.

The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.

Account has many Users
User belongs to Account

Then yeah, you need both classes. It wasn't obvious from the code you
posted.

Best,

What should be getting validated?

Make sure an username, password and email have been entered and such.

About the form, I was using form_tag and then realized the form is not
connected to any class. How can I connect the form to two different
classes? For example: company_name field to Account class and
username/password to User class?

Any decent authentication system will do this for you, for free.

I have used Devise on three separate projects lately, and it is rock-solid and easy to apply to an existing project or to design around. If you like the look of the stock views, you don't even need to do anything extra.

If you want to fiddle, you can ask it to generate a full set of views and fuss with every line-break and what-else. Watch the Railscast. You'll be kicking yourself for wanting to build it from scratch.

Walter

Walter Davis wrote in post #955927:

Leonel *.* wrote in post #955933:

Walter Davis wrote in post #955927:

What should be getting validated?

Make sure an username, password and email have been entered and such.

[...]

The validation I was talking about was for Account creation.

WTF? Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?

Best,

Also built in.

You can add Devise to an existing model, and it just works. Or use the devise generator to make a new model with all the trimmings.

Walter

Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?

Yes, a little bit :stuck_out_tongue: Like I said above...
"The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application."

Account has many Users
User belongs to Account

Think of the Account class as a Company class or a Business class. The
users belong to the Account, Business or Company (whatever you want to
call it). Let's say the account is like the company, and it contains
address, website, phone, fax.

So when somebody opens up an account using the sign up form it fills out
fields like this:
*First name (User class)
*Last name (User class)
*Company (Account class)
*Username (User class)
*Password (User class)
*Application Address http://______.application.com (Account class)

So I created a Signup controller. When submitting the sign up form, both
an Account object and an User object have to be created. Since User
belongs to Account. The newly created account.id has to be entered in
user.account_id

That's why I'm saying that I have to create an Account and a User using
the same controller and reference the User to the Account.

Also built in.

You can add Devise to an existing model, and it just works. Or use the
devise generator to make a new model with all the trimmings.

For sure will take a look at it tomorrow early morning :smiley:

Thanks

Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?

Yes, a little bit :stuck_out_tongue: Like I said above...
"The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application."

You really want to use Devise and Devise Invitable for this. You just described the last site I built with this combination EXACTLY, and the one before that almost the same (restricted invitations to members of the Sales team). There is one User model, with Devise and Invitable in it. Practices (it's a medical device site) are validated to have a unique name. The first User to register a Practice becomes its owner, and can then access the invitation page to send keys to other people by entering their e-mail address. But I didn't have to make any extra controllers for this, just follow the fall-line of the Devise and invitable instructions. When I wanted additional fields in my database, I just rolled a new migration and modified the views. Everything else was taken care of for me.

Walter

Walter Davis wrote in post #956070:

That's exactly what it's for. Instead of just handling the authentication side of things at a back-end level, it creates a complete login, logout, forgot my password, remember me on this computer, etc. system for you. There are about a dozen different things you can enable or disable in your devise call in the model, and there are tons of third-party add-ons you can install (like Invitable) that do specific things you might need, like authenticate against Facebook (ewww) or whatever your heart or client desires. If you use the rake task to unpack the views, you'll see that it makes a whole flotilla of views for you, and anything you do to those (and the db, naturally) will just magically work for you. You don't have to unpack them if you don't want to, but it helps to see what goes where.

Walter

I absolutely love Devise! Excellent recommendation! Thanks!!! XD

Ok so I read the introductory documentation for Devise. I'm going to
create an Admin controller too. What I can't find out though, I have
googled it several times too, is how to apply a Layout file for a
specific method of the same Class.

For example, the User class: the sign up, sign in and index methods are
supposed to have different layouts.

The sign up should be a page with just a no-link logo and just the form
so I won't distract the user from signing up.

The sign in also a very basic for asking for username and password.

The index is supposed to be displayed AFTER the user has logged in and
he can be able to see a list of users.

You get the idea.

I had read that Rails looks for a specific class layout and if it
doesn't find it, it goes for application.html.erb I tried adding layout
files in the layout directory users.html.erb sessions.html.erb but it
doesn't work. So how can I setup the different layouts?

You might want to ask on the Devise list, I haven't done anything quite like this before, but you're right -- it is probably something that just works.

Walter

Ok so I read the introductory documentation for Devise. I’m going to

create an Admin controller too.

Manage roles with a roles model not with a model for every role, it creates a lot of problems later on.

what I can’t find out though, I have

googled it several times too, is how to apply a Layout file for a

specific method of the same Class.

For example, the User class: the sign up, sign in and index methods are

supposed to have different layouts.

The sign up should be a page with just a no-link logo and just the form

so I won’t distract the user from signing up.

The sign in also a very basic for asking for username and password.

The index is supposed to be displayed AFTER the user has logged in and

he can be able to see a list of users.

You get the idea.

I had read that Rails looks for a specific class layout and if it

doesn’t find it, it goes for application.html.erb I tried adding layout

files in the layout directory users.html.erb sessions.html.erb but it

doesn’t work. So how can I setup the different layouts?

use this and set the layout based on the devise_scope (the example is based on the controllers)

layout :layout_by_resource

  def layout_by_resource
    if devise_controller?

      "layout_name_for_devise"
    else
      "application"
    end
  end