I am creating a new app with simple authentication, but i get this error:
No route matches {:action=>"show", :controller=>"users", :id=>nil},
missing
required keys: [:id]
I have tried other stackoverflow solutions but none have seemed to work for me.
This is my users_controller:
class UsersController < ApplicationController
def new; end
def create
#user = User.create(password: params[:password], email: params[:email],
firstname: params[:firstname], lastname: params[:lastname])
redirect_to user_path(#user)
end
def show
#user = User.find(params[:id])
end
end
My sessions controller:
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
session[:user_id] = user.id
redirect_to root_url, notice: "Logged in!"
else
flash.now[:alert] = "Email or password is invalid"
render "new"
end
end
def destroy
session[:user_id] = 1
redirect_to root_url, notice: "Logged out!"
end
end
routes.rb :
Rails.application.routes.draw do
# Fubyonrails.org/routing.html
root :to => 'static#welcome'
resources :users, only: [:new, :create, :show]
resources :sessions, only: [:new, :create, :destroy]
resources :studios
end
<h1> Hey, <%= #user.firstname %>! </h1>
<h3>Home</h3>
<%= link_to "Log Out", session_path, method: :delete %>
<%= stylesheet_link_tag 'users', media: 'all', 'data-turbolinks-track' =>
true %>
The problem is after create a user? If yes, make sure that the user is being created and exists. The problem could be that #user is nil
Check your user_show route it would be like
users/:id/show
You have to pass param id along with your request to show that id object. Right now you're call is missing param id.
You're call should be like this
users/1/show
Where as 1 is the user id in DB
Related
I am building a simple blog app using Ruby on Rails that allows users to log in/out, sign up and perform actions on their articles and profiles based on permissions and restrictions.
I have encountered a problem with the destroy User action. In the users/index view(where all existing users are listed), it causes no errors due to the url path containing no {:id}, but the redirect_to root_path does not work. If the same action is executed in the users/show page(personal profile page with some info and associated articles), due to the url being localhost/users/id, when the user is deleted I get "Couldn't find User with 'id'=33" error shown below. If I manually go to the root route, the successful account deletion message shows up and the action is performed correctly. So this is not a metter of DESTROY not working, but of redirection I believe. I have tried redirecting to different paths but it still doesn't work. Here are the related files:
routes.rb
Rails.application.routes.draw do
root "pages#home"
get "about", to: "pages#about"
resources :articles
get "signup", to: "users#new"
resources :users, except: [:new]
get 'login', to: 'sessions#new'
post 'login', to: 'sessions#create'
get 'logout' => :destroy, to: 'sessions#destroy'
end
pages_controller
class PagesController < ApplicationController
def home
redirect_to articles_path if logged_in?
end
def about
end
end
users_controller
class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
before_action :require_user, only: [:edit, :update]
before_action :require_same_user, only: [:edit, :update, :destroy]
def index
#users = User.all
end
def show
#articles = #user.articles
end
def new
#user = User.new
end
def edit
end
def create
#user = User.new(user_params)
if(#user.save)
session[:user_id] = #user.id #logs user in automatically once they are signed up
flash[:notice] = "Welcome to AlphaBlog, #{#user.username}!"
redirect_to articles_path
else
render 'new'
end
end
def update
if #user.update(user_params)
flash[:notice] = "Account updated!"
redirect_to #user
else
render 'edit'
end
end
def destroy
#user.destroy
session[:user_id] = nil
flash[:notice] = "Account and all associated articles deleted!"
redirect_to root_path
end
private
def user_params
params.require(:user).permit(:username, :email, :password)
end
def set_user
#user = User.find(params[:id])
end
def require_same_user
if current_user != #user
flash[:alert] = "You can only edit your own profile!"
redirect_to current_user
end
end
end
sessions_controller
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
session[:user_id] = user.id
flash[:notice] = "Logged in successfully!"
redirect_to user
else
flash.now[:alert] = "There was something wrong with your login details!"
render 'new'
end
end
def destroy
session[:user_id] = nil
flash[:notice] = "Logged out."
redirect_to root_path
end
end
users/index.html.erb
<div class = "header">
<h1>
AlphaBlog
<% if logged_in? %>
<%= link_to 'Articles', articles_path, method: :get, class: "index-button-to" %>
<% else %>
<%= link_to 'Home', root_path(), method: :get, class: "index-button-to" %>
<%= link_to 'Articles', articles_path, method: :get, class: "index-button-to" %>
<% end %>
<%= render 'layouts/log_in_out_navigation'%>
</h1>
</div>
<h2>Alpha Bloggers</h2>
<div class="index-container">
<%# cycle through all articles and show them all in a table %>
<% #users.each do |user| %>
<div class = "index-article-container">
<div class="index-article-user" style = "color:rgb(16, 136, 255);">
<%= user.username %>
</div>
<div class="white">
<div class="index-article-title">
<%= gravatar_for(user, size: 150) %>
</div>
<div class="index-article-description">
<%# gives the plural word for multiple articles %>
<%= pluralize(user.articles.count, "article") %>
</div>
<div class="index-article-actions">
<%# shows selected article page %>
<%= link_to 'View Profile', user, class: "index-link-to show" %>
<% if logged_in? && current_user.username == user.username %>
<%# shows selected article EDIT page. edit_article_path because in routes,
the prefix for edit is edit_article && (article) because we need the id for the path as well%>
<%= link_to 'Edit Profile', edit_user_path(user), data: { turbo_method:
:get}, class: "index-link-to edit" %>
<%= link_to 'Delete Profile', user_path(current_user), data: {
turbo_method: :delete, turbo_confirm: "Are you sure? (This will also delete all of your
articles)" }, class: "index-link-to delete" %>
<% end %>
</div>
</div>
<div class="index-created-updated">
Joined <%= time_ago_in_words(user.created_at) %> ago.
</div>
</div>
<% end %>
users/show.html.erb
<div class = "header">
<h1>
AlphaBlog
<% if logged_in? %>
<%= link_to 'Articles', articles_path, method: :get, class: "index-button-to" %>
<%= link_to 'Bloggers', users_path, method: :get, class: "index-button-to" %>
<% else %>
<%= link_to 'Home', root_path(), method: :get, class: "index-button-to" %>
<%= link_to 'Articles', articles_path, method: :get, class: "index-button-to" %>
<%= link_to 'Bloggers', users_path, method: :get, class: "index-button-to" %>
<% end %>
<%= render 'layouts/log_in_out_navigation'%>
</h1>
</div>
<h2> <%= #user.username %>'s profile </h2>
<div class="show-users-image">
<%# gravatar_for method created in helpers/application_helper %>
<%= gravatar_for #user, size: 200 %>
<% if logged_in? && current_user.username == #user.username %>
<div class="index-profile-actions">
<%= link_to "Edit Profile", edit_user_path(#user), class: "index-link-to edit" %>
<%= link_to 'Delete Profile', user_path(current_user), data: { turbo_method: :delete,
turbo_confirm: "Are you sure? (This will also delete all of your articles)" }, class: "index-
link-
to delete", style: "margin-top:0.3vh" %>
</div>
<% end %>
</div>
<h3 style = "text-align:center">Articles</h3>
<%= render 'articles/article' %>
error page
The way to do this in Rails 7 is to update the destroy action in the UsersController by adding status: :see_other after the redirect, as follows:
def destroy
#user.destroy
session[:user_id] = nil
flash[:notice] = "Account and all associated articles deleted!"
redirect_to root_path, status: :see_other
end
I think the answer here is really a very different layout of your routes and controller (or to not reivent the wheel in the first place). Passing the user id through the parameters would be fine if your making a system where you are managing other users - but its pretty wonky when users are managing their own profiles.
For example this is how users CRUD their own profiles in a vanilla Devise setup:
Verb URI Pattern Controller#Action
------------------------------------------------------------------------
GET /users/cancel(.:format) devise/registrations#cancel
GET /users/sign_up(.:format) devise/registrations#new
GET /users/edit(.:format) devise/registrations#edit
PATCH /users(.:format) devise/registrations#update
PUT /users(.:format) devise/registrations#update
DELETE /users(.:format) devise/registrations#destroy
POST /users(.:format) devise/registrations#create
Note the lack of the :id parameter in the URI Pattern. Thats because its implied that the resource in question is the currently signed in user, and that the user is identified through the session (or a token).
The controller is named Registrations to avoid the ambiguity if the programmer later wants to add a UsersController to manage other users.
If you want to do something similiar you can generate singular routes by using the resource macro instead of resources.
# routes for user registration
resource :registrations,
only: [:new, :edit, :update, :create, :destroy]
# routes for viewing other users
resources :users, only: [:index, :show]
Which will generate:
Prefix Verb URI Pattern Controller#Action
-----------------------------------------------------------------------
new_registrations GET /registrations/new(.:format) registrations#new
edit_registrations GET /registrations/edit(.:format) registrations#edit
registrations GET /registrations(.:format) registrations#show
PATCH /registrations(.:format) registrations#update
PUT /registrations(.:format) registrations#update
DELETE /registrations(.:format) registrations#destroy
POST /registrations(.:format) registrations#create
Name it whatever you want. The core takeaway here is to not confuse two completely different problems - user management and user registrations and have separate endpoints and controllers for each responsibilty.
Then in your controller you simply authenticate the user from the session and redirect the user if they are not authenticated:
# Handles user account registration, updates and deleting accounts
class RegistrationsController < ApplicationController
before_action :require_user, except: [:new, :create]
# Displays the form for signing up a user
# GET /registrations
def new
#user = User.new
end
# Register a new user and sign them in
# POST /registrations
def create
#user = User.new(user_params)
if #user.save
reset_session # avoids session fixation attacks
session[:user_id] = #user.id #logs user in automatically once they are signed up
flash[:notice] = "Welcome to AlphaBlog, #{#user.username}!"
redirect_to articles_path
else
render :new
end
end
# Form for editing the users own profile
# GET /registrations/edit
def edit
#user = current_user
end
# Update the currently signed in user
# PATCH /registrations
def update
#user = current_user
if #user.update(user_params)
flash[:notice] = "Account updated!"
redirect_to current_user
else
render :new
end
end
# Cancel the current users registration
# DELETE /registrations
def delete
current_user.delete
reset_session # avoids session fixation attacks
flash[:notice] = "Account and all associated articles deleted!"
redirect_to root_path
end
private
def user_params
params.require(:user).permit(:username, :email, :password)
end
end
# Displays users
# Managing accounts is handled by RegistrationsController
class UsersController < ApplicationController
# GET /users
def index
#users = User.all
end
# GET /users/1
def show
#user = User.find(params[:id])
#articles = #user.articles
end
end
Since their is no id in the path you you need to set the delete button to send to the right path:
<%= button_to "Delete your account", registrations_path, method: :delete %>
And adjust your forms:
<%= form_with(model: #user, url: registrations_path) do |form| %>
# ...
<% end %>
Doing this the correct way would really be to do it the same way that Devise does and have a normal link that sends a GET request to a "Are you sure you want to delete your account?" page when then requires the user to enter their password or email and submits a DELETE request so that users don't accidentially delete their accounts.
But then again don't reinvent the authentication wheel unless you want a long and tedious lesson into wheelmaking.
I'm not sure you have truly got to the bottom of this. In your original approach I suspect two things are going on:
In users/index.html.erb you have link_to 'Delete Profile', user_path(current_user) but I think you want user_path(user). What you currently have will have every delete button try to delete the same user.
The fact that error says your are attempting to execute 'show' rather than 'destroy' makes me suspect that you do not have turbo loaded properly. You don't say what version of rails you are using, but for versions earlier than 7 you don't get turbo out of the box, and you should use UJS instead.
compare this https://guides.rubyonrails.org/getting_started.html#deleting-an-article with this https://guides.rubyonrails.org/v6.1/getting_started.html#deleting-an-article
i get the below error related to the links accept & decline in my
views - it's a routing issue but i am unsure how to go about it. could
one kindly advise me on how to correct this
error message
No route matches {:action=>"accept", :controller=>"friendships", :id=>"emma"}
No route matches {:action=>"decline", :controller=>"friendships", :id=>"emma"}
views/users/_friends.html.erb
<% #user.requested_friends.each do |requester| %>
<tr>
<td><%= link_to(image_tag("img-profile-image-default.png"), requester) %></td>
<td><%= link_to requester.firstname, requester %></td>
<td>
<%= link_to "Accept",
{ controller: "friendships",
action: "accept",
id: requester.firstname } %>
<%= link_to "Decline",
{ controller: "friendships",
action: "decline",
id: requester.firstname },
confirm: "Really decline friendship with #{requester.firstname}?" %>
</td>
</tr>
<% end %>
friendships_controller.rb
class FriendshipsController < ApplicationController
before_filter :setup_friends
def create
Friendship.request(#user, #friend)
flash[:notice] = "Friend request sent."
redirect_to :back
end
def accept
if #user.requested_friends.include?(#friend)
Friendship.accept(#user, #friend)
flash[:notice] = "Friendship with #{#friend.firstname} accepted!"
else
flash[:notice] = "No friendship request from #{#friend.firstname}."
end
redirect_to :back
end
def decline
if #user.requested_friends.include?(#friend)
Friendship.breakup(#user, #friend)
flash[:notice] = "Friendship with #{#friend.firstname} declined"
else
flash[:notice] = "No friendship request from #{#friend.firstname}."
end
redirect_to :back
end
def delete
if #user.friends.include?(#friend)
Friendship.breakup(#user, #friend)
flash[:notice] = "Friendship with #{#friend.firstname} deleted!"
else
flash[:notice] = "You aren't friends with #{#friend.firstname}"
end
redirect_to :back
end
private
def setup_friends
#user = User.find(current_user.id)
#friend = User.find_by_email(params[:id])
end
end
routes file
Rails.application.routes.draw do
resources :friendships, only: [:create, :update, :destroy]
end
friendships POST /friendships(.:format) friendships#create
friendship PATCH /friendships/:id(.:format) friendships#update
PUT /friendships/:id(.:format) friendships#update
DELETE /friendships/:id(.:format) friendships#destroy
Because you don't have any routes for accept or decline. Only Create, Update, Destroy as I see. You are doing it in friendships controller so in my opinion it is better to send friendship id as main param.
You can do it like this
resources :friendships, only: [:create, :update, :destroy] do
member do
post :accept
post :decline
end
end
This will create you routes and path helpers like
accept_friendship_path(id: friendship.id)
decline_friendship_path(id: friendship.id)
Or you can use
accept_friendship_path(friendship)
You can still send friend id as param adding it to link doing it like this
link_to "Accept", accept_friendship_path(friendship, friend_id: requester.id)
I've finished a Udemy course on making a Blog App in Rails. I've added JSON functionality for mobile viewing of articles and sign up/logging in. All working.
My next problem is I want to add upvotes and downvotes so logged in users can vote on articles.
I have installed acts_as_votable gem and followed a tute (http://www.mattmorgante.com/technology/votable) how to implement it but I am getting the following errors when a user clicks on upvote/downvote:
ActiveRecord::RecordNotFound or NoMethodError in ArticlesController
I'm guessing the first error is because the article controller already knows which article i'm talking about when i click upvote? So I commented that out for downvote_by and it doesn't know the method downvote_by
What have I missed? Appreciate the help. Thanks.
If I click Upvote:
If I click Downvote:
Articles controller:
class ArticlesController < ApplicationController
before_action :authenticate_user!, :except => [:index, :show]
before_filter :set_article, only: [:show, :edit, :update, :destroy]
def index
#articles = Article.all
end
def new
#article = Article.new
end
def create
#article = current_user.articles.build(article_params)
if #article.save
flash[:success] = "Article has been created"
redirect_to articles_path
else
flash.now[:danger] = "Article has not been created"
render :new
end
end
def edit
if #article.user != current_user
flash[:danger] = "You can only edit your own article"
redirect_to root_path
end
end
def update
if #article.user != current_user
flash[:danger] = "You can only edit your own article"
redirect_to root_path
else
if #article.update(article_params)
flash[:success] = "Article has been updated"
redirect_to #article
else
flash.now[:danger] = "Article has not been updated"
render :edit
end
end
end
def show
#comment = #article.comments.build
end
def destroy
if #article.destroy
flash[:success] = "Article has been deleted"
redirect_to articles_path
end
end
def upvote
#article=Article.find(params[:id])
#article.upvote_by current_user
flash[:success] = "Successfully liked"
respond_to do |format|
format.html {redirect_to articles_path }
format.json { render json: { count: #article.liked_count } }
end
end
def downvote
##article = Article.find(params[:id])
#article.downvote_by current_user
flash[:success] = "Successfully disliked"
respond_to do |format|
format.html {redirect_to articles_path }
format.json { render json: { count: #article.disliked_count } }
end
end
private
def article_params
params.require(:article).permit(:title, :body)
end
def set_article
#article=Article.find(params[:id])
end
end
show.html.erb file that concerns the likes/dislikes:
<div class="article-body">
<%= link_to article_like_path(#article), method: :put do %>
Upvote
<%= #article.get_upvotes.size %>
<% end %>
<%= link_to article_dislike_path(#article), method: :put do %>
Downvote
<%= #article.get_downvotes.size %>
<% end %>
Article model:
class Article < ActiveRecord::Base
validates :title, presence: true
validates :body, presence: true
belongs_to :user
acts_as_votable
has_many :comments, dependent: :destroy
default_scope { order(created_at: :desc)}
end
routes file:
Rails.application.routes.draw do
devise_for :users, :controllers => {registrations: "registrations", sessions: "sessions", :omniauth_callbacks => "callbacks"}
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
#namespace :api, defaults: {format: :json} do
# scope :v1 do
# mount_devise_token_auth_for 'User', at: 'auth', skip: [:omniauth_callbacks]
# :controllers => { :sessions => "api/v1/sessions" },
# end
#end
# You can have the root of your site routed with "root"
root to: 'articles#index'
resources :articles do
put "like", to: "articles#upvote"
put "dislike", to: "articles#downvote"
resources :comments
end
end
Remove this code line from upvote and downvote actions in your controller:
#article = Article.find(params[:id])
watch the spaces between the equal sign
Edit your before_filter to this:
before_action :set_article, only: [:show, :edit, :update, :destroy, :upvote, :downvote]
Your routes should be :
resources :articles do
member do
put "like", to: "articles#upvote"
put "dislike", to: "articles#downvote"
end
resources :comments
end
I am new to ruby on rails. I am developing an application which has authentication system.
my problem is I am getting error when logging in to the application in production(Heroku). It is working in development.
Error
I production after i typing url https://akashpinnaka.herokuapp.com/login,
it is redirecting to https://akashpinnaka.herokuapp.comlogin. I am missing the '/' between root_url and 'login' for POST login.
Note: Working in development environment.
My routes are
Rails.application.routes.draw do
get 'welcome/index'
root 'welcome#index'
resources :articles
resources :projects
resources :users
get '/login' => 'sessions#new'
post '/login' => 'sessions#create'
delete 'logout' => 'sessions#destroy'
end
Sessions Controller
class SessionsController < ApplicationController
def new
end
def create
#user = User.find_by_email(params[:session][:email])
if #user && #user.authenticate(params[:session][:password])
session[:user_id] = #user.id
redirect_to root_path
else
redirect_to 'login'
end
end
def destroy
session[:user_id] = nil
redirect_to '/'
end
end
Sessions#new
<%= form_for(:session, url: login_path) do |f| %>
<%= f.email_field :email, :placeholder => "Email" %>
<%= f.password_field :password, :placeholder => "Password" %>
<%= f.submit "Log in" %>
<% end %>
Usually, when your form can't be saved, you don't redirect. You show the same form, with error explanation.
def create
#user = User.find_by_email(params[:session][:email])
if #user && #user.authenticate(params[:session][:password])
session[:user_id] = #user.id
redirect_to root_path
else
# should've been login_path
# redirect_to 'login'
render 'new' # this is better
end
end
If you are sure that you want to redirect, by all means, go ahead. But supply the correct path :)
You need use redirect_to '/login' or redirect_to login_path instead of redirect_to 'login'
#Sergio Tulentsev's answer is pretty good.
You should fix your routes:
#config/routes.rb
root "welcome#index"
resources :articles, :projects, :users
resources sessions, only: [:new, :create, :destroy], path_names: { new: "login", create: "login", destroy: "logout" }
Rails has two sets of path helpers - _path and _url
_path, as we know, is there to provide relative routes (/path).
_url is there to provide direct routes (http://domain.com/path)
Thus, when you have:
get "/login" (with leading slash) in your routes, it will almost certainly cause problems with your applications' relative link helpers.
As mentioned by #Sergio Tulentsev, your create method, and the destroy method, should be fixed to use the correct path helpers:
def create
#user = User.find_by email: params[:session][:email]
if #user && #user.authenticate(params[:session][:password])
session[:user_id] = #user.id
redirect_to root_path
else
redirect_to login_path
end
end
def destroy
...
redirect_to root_path
end
It's worth taking #Sergio's advice on the render :new command too!
So far I have implemented a simple user with authentication ( user controller and session controller) and I want to go to a MyAccount page using a users#edit route and update, say the email adress of the current user. The problem is that the update function is updating the current view with the email I want to change, but not the database, so when I hit refresh the #user.email object would return to its initial value. Thank you!
class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
def new
#user = User.new
end
def create
#user = User.new(user_params)
if #user.save
UserMailer.registration_confirmation(#user).deliver
redirect_to log_in_path, :notice => "Signed up!"
else
render "new"
end
end
def edit
#user = current_user
end
def update
respond_to do |format|
if #user.update(user_params)
format.html { redirect_to #user, notice: 'User was successfully updated.' }
else
format.html { render action: "edit" }
end
end
end
private
def set_user
#user = current_user
end
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
I have also added the sessions controller I have created.
class SessionsController < ApplicationController
def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
def destroy
session[:user_id] = nil
redirect_to root_url, :notice => "Logged out"
end
end
My routes are as follows:
get "log_in" => "sessions#new", :as => "log_in"
get "log_out" => "sessions#destroy", :as => "log_out"
get "sign_up" => "users#new", :as => "sign_up"
#get "my_account" => "users#show", :as => "my_account"
get "my_account" => "users#edit", :as => "my_account"
get "main/index"
resources :users
resources :sessions
Finally, my Application controller and aplication.html:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
helper_method :current_user
private
def current_user
#current_user ||= User.find(session[:user_id]) if session[:user_id]
end
end
In application.html is where I used the current_user method:
<div id="user_nav">
<% if current_user %>
Logged in as <%= current_user.email %>
<%= link_to "Log out", log_out_path %>
<%= link_to "My Account", my_account_path %>
<% else %>
<%= link_to "Sign up", sign_up_path %>
<%= link_to "Log in", log_in_path %>
<% end %>
</div>
I am not sure why you are using
if #user.update(:current_user)
It should be something like:
if #user.update(user_params)
I know this is simple and maybe you already corrected this but...
instead of
if #user.update(user_paramas)
try
if #user.update(user_params)