Sign up (create account, create user)

The application I’m creating works like this:
There is an account (a company)
Users belong to the Account (company)

So when somebody wants to sign up and create an account, it should
create an account, then create a user.

username(User)
password(Users)
company(Account)

So I created a Signup controller. I want to add validation but I don’t
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.

class SignupController < ApplicationController
def new
@account = Account.new
@user = User.new

respond_to do |format|
  format.html # new.html.erb
end

end

def create
@account = Account.new(params[:account])

respond_to do |format|

if @account.save
  format.html { redirect_to(@account, :notice => 'Account was

successfully created.’) }
@user = User.new(params[:user])
@user.account_id = @account.id
if @user.save
format.html { redirect_to(@user, :notice => ‘User was
successfully created.’) }
else
# user wasn’t saved
format.html { render :action => “new” }
end
else
# account wasn’t saved
format.html { render :action => “new” }
end
end
end

end

Leonel . wrote in post #955883:

The application I’m creating works like this:
There is an account (a company)
Users belong to the Account (company)

So when somebody wants to sign up and create an account, it should
create an account, then create a user.

username(User)
password(Users)
company(Account)

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.

So I created a Signup controller. I want to add validation but I don’t
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.

So? You still need models.

class SignupController < ApplicationController
[…]

Do you have a question here? I’m not sure I understand why you’re
posting.

Best,

Marnen Laibow-Koser
http://www.marnen.org
[email protected]

On 20 October 2010 20:17, Leonel . [email protected] wrote:

So I created a Signup controller. I want to add validation but I don’t
have a model (for unique and presence validation)for it because the
signup controller is supposed to create User and Account.

Is your question how to add validation? When you say you don’t have a
model I presume you mean you do not have a Signup model. The
validations go with the model that you are writing to so the
validations will be on the User and Account models. Then when you try
to save them they will fail so you can take appropriate action.

However, as Marnen has said, if you want authentication then I also
suggest looking at Authlogic unless you are just doing this as an
exercise. There are a lot of pitfalls in authentication that are easy
to fall into and it is an area of the site that can give you big
problems if it is not secure. There is also devise that has had some
publicity lately but I have not tried it.

Colin

Leonel . wrote in post #955895:

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.
Nope, I’m using a digest sha2 password with salt.

That’s orthogonal to whether you’re using an authentication library.

I’ll take a look at
Authlogic.

Do. Particularly as a beginner, you don’t want to implement your own
authentication system when so many other people have already done it.

So? You still need models.
You mean, a model that references other models?

Huh? You seemed to be saying you didn’t have User and Account models.

Do you have a question here? I’m not sure I understand why you’re
posting.
Sorry, forgot the question, the question of course was: what’s the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?

Why do you need both User and Account? From the logic you posted, it
looks like they’re always going to be in a 1:1 relationship, which means
you only need one.

Best,

Marnen Laibow-Koser
http://www.marnen.org
[email protected]

So? You still need models.
You mean, a model that references other models?
Huh? You seemed to be saying you didn’t have User and Account models.
Yes, I do. According to Colin, the validation will be taken from User
and Account models.

Why do you need both User and Account? From the logic you posted, it
looks like they’re always going to be in a 1:1 relationship, which means
you only need one.

The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.

Account has many Users
User belongs to Account

Leonel . wrote in post #955920:

So? You still need models.
You mean, a model that references other models?
Huh? You seemed to be saying you didn’t have User and Account models.
Yes, I do. According to Colin, the validation will be taken from User
and Account models.

What should be getting validated?

Why do you need both User and Account? From the logic you posted, it
looks like they’re always going to be in a 1:1 relationship, which means
you only need one.

The user that signs up and creates the account is the admin user for the
account. Then, he can send email invitations to his staff (users) to
also use the application.

Account has many Users
User belongs to Account

Then yeah, you need both classes. It wasn’t obvious from the code you
posted.

Best,

Marnen Laibow-Koser
http://www.marnen.org
[email protected]

What should be getting validated?
Make sure an username, password and email have been entered and such.

About the form, I was using form_tag and then realized the form is not
connected to any class. How can I connect the form to two different
classes? For example: company_name field to Account class and
username/password to User class?

On Oct 20, 2010, at 5:34 PM, Leonel . wrote:

What should be getting validated?
Make sure an username, password and email have been entered and such.

Any decent authentication system will do this for you, for free.

I have used Devise on three separate projects lately, and it is rock-
solid and easy to apply to an existing project or to design around. If
you like the look of the stock views, you don’t even need to do
anything extra.

If you want to fiddle, you can ask it to generate a full set of views
and fuss with every line-break and what-else. Watch the Railscast.
You’ll be kicking yourself for wanting to build it from scratch.

Walter

Are you using an authentication library such as Authlogic for this? If
not, I highly recommend doing so.
Nope, I’m using a digest sha2 password with salt. I’ll take a look at
Authlogic.

So? You still need models.
You mean, a model that references other models?

Do you have a question here? I’m not sure I understand why you’re
posting.
Sorry, forgot the question, the question of course was: what’s the best
way to create an account and then a username with account_id(the one
that was just created) by using the Signup controller?

Walter D. wrote in post #955927:

On Oct 20, 2010, at 5:34 PM, Leonel . wrote:

What should be getting validated?
Make sure an username, password and email have been entered and such.

Any decent authentication system will do this for you, for free.

I have used Devise on three separate projects lately, and it is rock-
solid and easy to apply to an existing project or to design around. If
you like the look of the stock views, you don’t even need to do
anything extra.

If you want to fiddle, you can ask it to generate a full set of views
and fuss with every line-break and what-else. Watch the Railscast.
You’ll be kicking yourself for wanting to build it from scratch.
Well, yes, that’s for the login, which I will research tomorrow morning.
The validation I was talking about was for Account creation.

On Oct 20, 2010, at 6:02 PM, Leonel . wrote:

solid and easy to apply to an existing project or to design around.

Also built in.

You can add Devise to an existing model, and it just works. Or use the
devise generator to make a new model with all the trimmings.

Walter

Leonel . wrote in post #955933:

Walter D. wrote in post #955927:

On Oct 20, 2010, at 5:34 PM, Leonel . wrote:

What should be getting validated?
Make sure an username, password and email have been entered and such.
[…]
The validation I was talking about was for Account creation.

WTF? Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?

Best,

Marnen Laibow-koser
http://www.marnen.org
[email protected]

On Oct 20, 2010, at 11:36 PM, Leonel . wrote:

Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?
Yes, a little bit :stuck_out_tongue: Like I said above…
“The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application.”

You really want to use Devise and Devise Invitable for this. You just
described the last site I built with this combination EXACTLY, and the
one before that almost the same (restricted invitations to members of
the Sales team). There is one User model, with Devise and Invitable in
it. Practices (it’s a medical device site) are validated to have a
unique name. The first User to register a Practice becomes its owner,
and can then access the invitation page to send keys to other people
by entering their e-mail address. But I didn’t have to make any extra
controllers for this, just follow the fall-line of the Devise and
invitable instructions. When I wanted additional fields in my
database, I just rolled a new migration and modified the views.
Everything else was taken care of for me.

Walter

Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?
Yes, a little bit :stuck_out_tongue: Like I said above…
“The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application.”

Account has many Users
User belongs to Account

Think of the Account class as a Company class or a Business class. The
users belong to the Account, Business or Company (whatever you want to
call it). Let’s say the account is like the company, and it contains
address, website, phone, fax.

So when somebody opens up an account using the sign up form it fills out
fields like this:
*First name (User class)
*Last name (User class)
*Company (Account class)
*Username (User class)
*Password (User class)
*Application Address http://______.application.com (Account class)

So I created a Signup controller. When submitting the sign up form, both
an Account object and an User object have to be created. Since User
belongs to Account. The newly created account.id has to be entered in
user.account_id

That’s why I’m saying that I have to create an Account and a User using
the same controller and reference the User to the Account.

Also built in.

You can add Devise to an existing model, and it just works. Or use the
devise generator to make a new model with all the trimmings.
For sure will take a look at it tomorrow early morning :smiley:

Thanks

On Oct 21, 2010, at 9:45 AM, Leonel . wrote:

the
unique name. The first User to register a Practice becomes its owner,
only for authentication (logging in) but also on forms that CREATE
ACCOUNTS and users???

That’s exactly what it’s for. Instead of just handling the
authentication side of things at a back-end level, it creates a
complete login, logout, forgot my password, remember me on this
computer, etc. system for you. There are about a dozen different
things you can enable or disable in your devise call in the model, and
there are tons of third-party add-ons you can install (like Invitable)
that do specific things you might need, like authenticate against
Facebook (ewww) or whatever your heart or client desires. If you use
the rake task to unpack the views, you’ll see that it makes a whole
flotilla of views for you, and anything you do to those (and the db,
naturally) will just magically work for you. You don’t have to unpack
them if you don’t want to, but it helps to see what goes where.

Walter

Walter D. wrote in post #956070:

On Oct 20, 2010, at 11:36 PM, Leonel . wrote:

Your Accounts will have usernames and e-mail addresses? Why?
Those properly belong to Users.

Am I misunderstanding?
Yes, a little bit :stuck_out_tongue: Like I said above…
“The user that signs up and creates the account is the admin user for
the
account. Then, he can send email invitations to his staff (users) to
also use the application.”

You really want to use Devise and Devise Invitable for this. You just
described the last site I built with this combination EXACTLY, and the
one before that almost the same (restricted invitations to members of
the Sales team). There is one User model, with Devise and Invitable in
it. Practices (it’s a medical device site) are validated to have a
unique name. The first User to register a Practice becomes its owner,
and can then access the invitation page to send keys to other people
by entering their e-mail address. But I didn’t have to make any extra
controllers for this, just follow the fall-line of the Devise and
invitable instructions. When I wanted additional fields in my
database, I just rolled a new migration and modified the views.
Everything else was taken care of for me.

Awesome! Thanks, I was actually watching the Railscast when I noticed I
had an email notification of a forum post. So Devise will help me not
only for authentication (logging in) but also on forms that CREATE
ACCOUNTS and users???

Ok so I read the introductory documentation for Devise. I’m going to
create an Admin controller too. What I can’t find out though, I have
googled it several times too, is how to apply a Layout file for a
specific method of the same Class.

For example, the User class: the sign up, sign in and index methods are
supposed to have different layouts.

The sign up should be a page with just a no-link logo and just the form
so I won’t distract the user from signing up.

The sign in also a very basic for asking for username and password.

The index is supposed to be displayed AFTER the user has logged in and
he can be able to see a list of users.

You get the idea.

I had read that Rails looks for a specific class layout and if it
doesn’t find it, it goes for application.html.erb I tried adding layout
files in the layout directory users.html.erb sessions.html.erb but it
doesn’t work. So how can I setup the different layouts?

You might want to ask on the Devise list, I haven’t done anything
quite like this before, but you’re right – it is probably something
that just works.

Walter

I absolutely love Devise! Excellent recommendation! Thanks!!! XD

On Fri, Oct 22, 2010 at 10:04 AM, Leonel . [email protected]
wrote:

Ok so I read the introductory documentation for Devise. I’m going to
create an Admin controller too.

Manage roles with a roles model not with a model for every role, it
creates a lot of problems later on.

what I can’t find out though, I have

googled it several times too, is how to apply a Layout file for a
specific method of the same Class.

he can be able to see a list of users.

You get the idea.

I had read that Rails looks for a specific class layout and if it
doesn’t find it, it goes for application.html.erb I tried adding layout
files in the layout directory users.html.erb sessions.html.erb but it
doesn’t work. So how can I setup the different layouts?

use this and set the layout based on the devise_scope (the example is
based
on the controllers)

layout :layout_by_resource

def layout_by_resource
if devise_controller?
“layout_name_for_devise”
else
“application”
end
end

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs