
Securing the Login for a Rails Ecommerce Application

In the first part of this four-part series we started to learn about security for an ecommerce application in Ruby-on-Rails. In this second part we're going to test some of what we did in the first part, and implement some important login features. This article is excerpted from chapter eight of the book Practical Rails Projects, written by Eldon Alameda (Apress; ISBN: 1590597818).

Author Info:
By: Apress Publishing
June 17, 2010
  1. Securing the Login for a Rails Ecommerce Application
  2. Implementing the Fail Log In User Story
  3. Adding the Flash Message
  4. Adding Login Links and Styling


Securing the Login for a Rails Ecommerce Application - Adding Login Links and Styling
(Page 4 of 4)

Let's finish off by adding links for logging in and out in the default layout file, app/views/layouts/application.rhtml:

<div id="header">
  <h1 id="logo">Emporium&trade;</h1>
  <h2 id="slogan">Books on Rails</h2>
  <p id="loginlogout">
    <% if current_user %>
      <%# h() HTML-escapes the login name before it is written into the page %>
      Logged in as <%= h(current_user.login) %>
      (<%= link_to "Logout", :controller => "/account", :action => "logout" %>)
    <% else %>
      <%= link_to "Login", :controller => "/account", :action => "login" %>
    <% end %>
  </p>
</div>

Finally, let's add a bit of styling for the #loginlogout box. Open public/stylesheets/style.css and add the following rules at the bottom of the file:

#loginlogout {
  background-color: #ccc;
  padding: 8px;
  width: 100px;
  position: absolute;
  top: 0px;
  right: 10px;
}

Now the login status box appears in the top-right corner of the page, as shown in Figure 8-3.

Figure 8-3.  Styled login status box
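The login status box in application.rhtml writes current_user.login into every page, and Rails versions that use .rhtml templates do not HTML-escape <%= %> output. The following is an added example, not code from the book: it renders the same fragment with Ruby's standard ERB library, with and without h(), to show what reaches the browser. The User struct, the LoginBoxView class, the simplified link_to stub and the sample login value are assumptions constructed for the demonstration.

```ruby
require "erb"

# The login status box from the layout, with the login name passed through h().
LOGIN_BOX = <<~RHTML
  <p id="loginlogout">
    <% if current_user %>
      Logged in as <%= h(current_user.login) %>
      (<%= link_to "Logout", :controller => "/account", :action => "logout" %>)
    <% else %>
      <%= link_to "Login", :controller => "/account", :action => "login" %>
    <% end %>
  </p>
RHTML

# Hypothetical user record; only the login attribute matters here.
User = Struct.new(:login)

# Minimal view context standing in for the Rails helpers the template calls.
class LoginBoxView
  include ERB::Util # provides h / html_escape

  attr_reader :current_user

  def initialize(current_user)
    @current_user = current_user
  end

  # Simplified stub (assumption): builds /controller/action and escapes the label.
  def link_to(label, options)
    href = File.join(options[:controller], options[:action])
    %(<a href="#{h(href)}">#{h(label)}</a>)
  end

  def render(template)
    ERB.new(template).result(binding)
  end
end

# escape: false drops the h() call, which is how an unescaped template behaves.
def render_login_box(user, escape: true)
  template = escape ? LOGIN_BOX : LOGIN_BOX.sub("h(current_user.login)", "current_user.login")
  LoginBoxView.new(user).render(template)
end

# Constructed sample: a login name that contains markup.
SAMPLE_USER = User.new("<script>alert(1)</script>")
```

With h() the sample login is rendered as inert text (&lt;script&gt;...); without it the markup is emitted verbatim into the header of every page that uses the layout.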

Please check back tomorrow for the continuation of this article.
