9 #Rails
http://railstutorial.jp/
Rails
by YassLab
Slideshare
http://www.slideshare.net/yasulab/presentations
Cloud9
1. 2. URL 3.
https://ide.c9.io/yasulab/rails-tutorial
https://rails-tutorial-yasulab.c9users.io/
URL “Collaborate” → “Group Chat”
9 #Rails
http://railstutorial.jp/
Rails
by YassLab
1. session :
• Session RESTful
• Session /
2. /
• Log in/out
•
•signup .
1. Remember me
•
2. Cookies Token
• /
• Check Box
3. Remember me
9 9.1 Remember me
http://railstutorial.jp/
Rails
by YassLab
1. 🏦
👉 .
2. 💰 ✅
👉 ( ) .
3. 🐦 SNS 🤔
👉 ( ) .
?,
:
1.
👉 SSL (HTTPS) ✅
2. DB ( )
👉 ( ) 🤔
3. XSS
👉 CSRF ✅
4.
👉 🤔
Router
Controller
View
Model
DatabaseReq.
HTML
Cookies
2 Rails
🔑
DB
bcrypt
foobarhogehoge
$10$2FIEggLq.BFq7J17N7a9C.mTBgKeJ9uWanLq…
$2a$10$Kc/EY79ieCTBVYFktWkUKOhhY0kItaYPAyMsT23rvAR…
password_digest
🔑 🔑
DB
bcrypt
$10$2FIEggLq.BFq7J17N7a9C.mTBgKeJ9uWanLq…
$2a$10$Kc/EY79ieCTBVYFktWkUKOhhY0kItaYPAyMsT23rvAR…
remember_digest
q5lt38hQDc959PVoo6b7
vpb8MgPiJyI5UlRjfeuAZA🔑 🔑
ID
User.find_by(❓)
@user.authenticate(🔑)$2a$10$Kc/EY79ieCTBVYFktWkUKOhhY0kItaYPAyMsT23rvAR…
remember_digest
signed[:user_id]340394
vpb8MgPiJyI5UlRjfeuAZA🔑user_id: 3
email 😭
1. $ rails generate migration add_remember_digest_to_users remember_digest:string
2. SecureRandom.urlsafe_base64
3. DB
4. cookies ID Token
5. cookies ID DB .cookies Token .
🔧
1. :
log_out log_out ..
2.
:
nil Bcrypt .nil return .
2
9 9.2 [Remember me]
http://railstutorial.jp/
Rails
by YassLab
1. Log in
2. CSS
3. params[:session][:remember_me] , remember ,
forget .
[Remember me]
9 9.3 [Remember me]
http://railstutorial.jp/
Rails
by YassLab
1. log_in_as ! 🔓
2. [Remeber me] . (nil ) .
[Remember me]
1. raise
2. log_in_as
3. SessionsHelper
4. log_in_as cookies
5. (nil )
[Remember me]
9 9.4
http://railstutorial.jp/
Rails
by YassLab
• Test→Commit→Merge→Push 💨
…
⚠ Heroku push !
🔧 DB
• Heroku migrate console 💻 ☁$ heroku run rails db:migrate $ heroku run console --sandbox
1. Remember me
•
2. Cookies Token
• /
• Check Box
3. Remember me
Action Controller http://railsguides.jp/action_controller_overview.html
Action View http://railsguides.jp/form_helpers.html
Rails http://railsguides.jp/security.html
• :)
• : http://railstutorial.jp/seminars
• :) ,
.
• , .
9 #Rails
http://railstutorial.jp/
Rails
by YassLab