Complete the code to create a new session for a user after login.
session[:user_id] = [1]After a successful login, you store the user's ID in the session using @user.id to keep track of the logged-in user.
Complete the code to find the current logged-in user from the session.
@current_user ||= User.find_by(id: [1])The current user is found by looking up the user ID stored in the session with session[:user_id].
Fix the error in the logout method to clear the user session.
def logout [1] @current_user = nil end
To log out a user, you remove the :user_id key from the session using session.delete(:user_id). This clears the user's login state.
Fill both blanks to create a login form that posts to the sessions path with email and password fields.
<%= form_with url: [1], method: [2] do |form| %> <%= form.label :email %> <%= form.email_field :email %> <%= form.label :password %> <%= form.password_field :password %> <%= form.submit "Log in" %> <% end %>
The login form should post to sessions_path using the HTTP POST method :post to send the user's credentials securely.
Fill all three blanks to implement a before_action that requires login for certain controller actions.
before_action :[1], only: [:edit, :update, :destroy] private def [1] redirect_to [2] unless [3] end
The before_action calls require_login before specified actions. The method redirects to login_path unless the user is logged_in?.