0
0
Ruby on Railsframework~10 mins

Login and logout flow in Ruby on Rails - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Concept Flow - Login and logout flow
User visits login page
User submits credentials
Check credentials
Create session
Redirect to [Stay on login page
User clicks logout
Destroy session
Redirect to login page
This flow shows how a user logs in by submitting credentials, the system checks them, creates a session if valid, and logs out by destroying the session.
Execution Sample
Ruby on Rails
def create
  user = User.find_by(email: params[:email])
  if user&.authenticate(params[:password])
    session[:user_id] = user.id
    redirect_to dashboard_path
  else
    render :new
  end
end

def destroy
  session.delete(:user_id)
  redirect_to login_path
end
This code handles login by checking user credentials and setting session, and logout by clearing session and redirecting.
Execution Table
StepActionInputConditionResultNext Step
1User visits login pageN/AN/ALogin form displayedUser submits credentials
2User submits credentialsemail: user@example.com, password: secretN/ACredentials receivedCheck credentials
3Check credentialsemail and passwordUser exists and password correct?TrueCreate session
4Create sessionuser.id = 1N/Asession[:user_id] = 1Redirect to dashboard
5Redirect to dashboardN/AN/ADashboard page shownUser clicks logout
6User clicks logoutN/AN/ALogout requestedDestroy session
7Destroy sessionN/AN/Asession[:user_id] deletedRedirect to login page
8Redirect to login pageN/AN/ALogin form displayed againEnd
💡 User logs out, session cleared, redirected to login page, flow ends.
Variable Tracker
VariableStartAfter Step 4After Step 7
session[:user_id]nil1nil
usernilUser object with id=1User object with id=1 (no change)
Key Moments - 3 Insights
Why does the session[:user_id] get set only after checking credentials?
Because setting session[:user_id] means the user is logged in. We only do this after confirming the user exists and the password is correct, as shown in step 3 and 4 of the execution_table.
What happens if the credentials are invalid?
The flow does not create a session or redirect to dashboard. Instead, it renders the login form again, as implied by the 'Invalid' branch in the concept_flow and step 3 condition being false.
Why do we delete session[:user_id] on logout?
Deleting session[:user_id] removes the user's login state, effectively logging them out. This is shown in step 7 of the execution_table.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is the value of session[:user_id] after step 4?
A1
Bnil
Cuser object
Dundefined
💡 Hint
Check the variable_tracker row for session[:user_id] after step 4.
At which step does the system check if the user credentials are valid?
AStep 2
BStep 4
CStep 3
DStep 6
💡 Hint
Look at the 'Condition' column in the execution_table.
If the user enters wrong password, what happens according to the flow?
Asession[:user_id] is set to nil
BLogin form is shown again
CUser is redirected to dashboard
DSession is deleted
💡 Hint
Refer to the concept_flow and the 'Invalid' branch after checking credentials.
Concept Snapshot
Login and logout flow in Rails:
- User submits email and password
- System checks credentials
- If valid, session[:user_id] is set
- Redirect to dashboard
- Logout clears session[:user_id]
- Redirect back to login page
Full Transcript
This visual execution shows the login and logout flow in a Rails app. The user visits the login page and submits credentials. The system checks if the user exists and the password matches. If valid, it sets session[:user_id] to log the user in and redirects to the dashboard. If invalid, it shows the login form again. When the user clicks logout, the session[:user_id] is deleted to log out, and the user is redirected to the login page. Variables like session[:user_id] change state only after successful login and are cleared on logout.