ENTR-451 Week 8 Practice Exercise – Tacostagram Auth

Instructions

Using this repository as a template, create a tacogram-auth repo in your GitHub account and open the project in Gitpod – expected output of this script is There are 2 new posts.
Open the config/routes.rb file and note that resources for posts, sessions and users are already set up for you
Open the app/controllers folder and note that controllers for posts, sessions and users already exist

Secure data in transit: Modify the new user form to obfuscate the password from view
Secure data at rest: When creating a new user, encrypt the user's password with bcrypt
Challenge: Do not save a new user if the user's email is already taken

Secure data in transit: Modify the new session form to obfuscate the password from view
In app/controllers/sessions_controller.rb, authenticate a user:
- find user by email.
  - if no user is found: redirect to /login with a flash message
- if user exists: authenticate (i.e. check) their password
  - if authentication succeeds: store the user's id in a secure cookie (i.e. session)
  - if authentication succeeds: redirect to /posts with a flash message
  - if authentication fails: redirect to /login with a flash message
In app/controllers/sessions_controller.rb, logout a user in the destroy action
In app/controllers/application_controller.rb, assign @current_user
In app/views/layouts/application.html.erb, modify the navbar:
- conditionally hide the Login and Sign Up links if a user is logged in
- if user is logged in:
  - hide Login and Sign Up buttons
  - show first name of logged in user
  - show a Logout button

If a user is not logged in, hide the new post form and instead show a message telling the visitor they must login to post
In app/controllers/posts_controller.rb, assign the post's user as the logged in user
In app/views/posts/index.html.erb, display the first name of the user that created each post
Challenge: Do not let a non-logged-in visitor get to the new post form; instead redirect with a flash message

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.vscode		.vscode
app		app
bin		bin
config		config
db		db
lib		lib
log		log
public		public
scripts		scripts
tmp		tmp
vendor		vendor
.gitattributes		.gitattributes
.gitignore		.gitignore
.gitpod.Dockerfile		.gitpod.Dockerfile
.gitpod.yml		.gitpod.yml
.ruby-version		.ruby-version
Gemfile		Gemfile
Gemfile.lock		Gemfile.lock
README.md		README.md
Rakefile		Rakefile
config.ru		config.ru