You're back at Flatiron Bank, where the executive staff has been alerted that the developers who built the authentication system forgot to use password encryption. That means that all of the bank's user passwords are easily available to hackers and bad actors. The CTO has called you in to implement secure passwords in the bank's system.
bcrypt gem, to implement this strategy.
We've got a basic Sinatra MVC application for our bank. In our
application_controller we have two helper methods defined;
logged_in? returns true or false based on the presence of a
current_user returns the instance of the logged in user, based on the
We have five actions defined:
get "/" dorenders an
index.erbfile with links to signup or login.
get '/signup'renders a form to create a new user. The form includes fields for
get '/login'renders a form for logging in.
get '/account'renders an
account.erbpage, which should be displayed once a user successfully logs in.
get '/failure'renders a
failure.erbpage. This will be accessed if there is an error logging in or signing up.
get '/logout'clears the session data and redirects to the home page.
The Helper Methods at the bottom of the controller are part of Sinatra's configurations for helper methods. These are methods that allow us to add logic to our views. Views automatically have access to all helper methods thanks to Sinatra.
We've also stubbed out a user model in
app/models/user.rb which inherits from
Fork and clone this repository and run
bundle install to get started. Preview your work by running
shotgun and navigating to http://localhost:9393 in your browser.
Get the tests to pass. You'll need to use 'bcrypt' to salt your password and make sure that it is encrypted.
You'll also need to create a users table. A user should have a username and password.
Add a migration that gives the user model a balance (should start for any user at $0), and add functionality on the account page to make deposits and withdrawals. A user should never be able to withdraw more money than they have in their account.
View Secure Password Lab on Learn.co and start learning to code for free.