AUTH Part First

Some content or resources may be available for public consumption and don’t require any type of identification or authentication — think of basic web site content. However, protected resources do require additional security steps. The first step of access control at runtime is authentication because if we can’t reliably and securely validate the subject identity, how can we make appropriate decisions about what they can and can’t do? Think of authentication as a crucial precursor to authorization.

Authentication is important because it enables organizations to keep their networks secure by permitting only authenticated users (or processes) to access its protected resources, which may include computer systems, networks, databases, websites and other network-based applications or services.

Let’s create an example of simple AUTH first part

First part (create user)

1 step — Create a new rails app

2 step — Install Bcrypt

Go to Gemfile and uncomment line with:

Run in your terminal: Bundle install

3 step — Create a route to create a user action

Go to route.rb and write:

4 step — Create a controller Users

Run in your terminal: Rails g controller Users. Then write a create action in Users_controller.rb:

5 step — Create a user model

Run in your terminal: Rails g model User. Inside the model user.rb write :

6 step — Create a migration

Set attributes inside the migration file:

Run in your terminal: Rails db:migrate

7 step — Create a new user with Postman

So, the first part is done.