aboutsummaryrefslogtreecommitdiffstats
path: root/guides/source/getting_started.md
diff options
context:
space:
mode:
Diffstat (limited to 'guides/source/getting_started.md')
-rw-r--r--guides/source/getting_started.md31
1 files changed, 23 insertions, 8 deletions
diff --git a/guides/source/getting_started.md b/guides/source/getting_started.md
index 27768952cc..dabdb391b3 100644
--- a/guides/source/getting_started.md
+++ b/guides/source/getting_started.md
@@ -155,7 +155,7 @@ To begin with, let's get some text up on screen quickly. To do this, you need to
### Starting up the Web Server
-You actually have a functional Rails application already. To see it, you need to start a web server on your development machine. You can do this by running:
+You actually have a functional Rails application already. To see it, you need to start a web server on your development machine. You can do this by running the following in the root directory of your rails application:
```bash
$ rails server
@@ -416,7 +416,7 @@ edit_post GET /posts/:id/edit(.:format) posts#edit
The `posts_path` helper tells Rails to point the form
to the URI Pattern associated with the `posts` prefix; and
the form will (by default) send a `POST` request
-to that route. This is associated with the
+to that route. This is associated with the
`create` action of the current controller, the `PostsController`.
With the form and its associated route defined, you will be able to fill in the form and then click the submit button to begin the process of creating a new post, so go ahead and do that. When you submit the form, you should see a familiar error:
@@ -553,7 +553,7 @@ and change the `create` action to look like this:
```ruby
def create
@post = Post.new(params[:post])
-
+
@post.save
redirect_to @post
end
@@ -575,7 +575,7 @@ If you submit the form again now, Rails will complain about not finding
the `show` action. That's not very useful though, so let's add the
`show` action before proceeding.
-First we need to add a new `route` in `config/routes.rb`.
+As we have seen in the output of `rake routes`, the route for `show` action is as follows:
```ruby
post GET /posts/:id(.:format) posts#show
@@ -654,7 +654,7 @@ For more information, refer to
### Listing all posts
We still need a way to list all our posts, so let's do that.
-We'll use a specific route from `config/routes.rb`:
+The route for this as per output of `rake routes` is:
```ruby
posts GET /posts(.:format) posts#index
@@ -888,7 +888,7 @@ it look as follows:
```html+erb
<h1>Editing post</h1>
-<%= form_for :post, url: post_path(@post.id), method: :patch do |f| %>
+<%= form_for :post, url: post_path(@post), method: :patch do |f| %>
<% if @post.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@post.errors.count, "error") %> prohibited
@@ -1039,7 +1039,7 @@ content:
```
Everything except for the `form_for` declaration remained the same.
-The reason we can use this shorter, simpler `form_for` declaration
+The reason we can use this shorter, simpler `form_for` declaration
to stand in for either of the other forms is that `@post` is a *resource*
corresponding to a full set of RESTful routes, and Rails is able to infer
which URI and method to use.
@@ -1071,7 +1071,7 @@ Then do the same for the `app/views/posts/edit.html.erb` view:
We're now ready to cover the "D" part of CRUD, deleting posts from the
database. Following the REST convention, the route for
-deleting posts in the `config/routes.rb` is:
+deleting posts as per output of `rake routes` is:
```ruby
DELETE /posts/:id(.:format) posts#destroy
@@ -1616,6 +1616,8 @@ end
Security
--------
+### Basic Authentication
+
If you were to publish your blog online, anybody would be able to add, edit and
delete posts or delete comments.
@@ -1663,6 +1665,19 @@ Authentication challenge
![Basic HTTP Authentication Challenge](images/getting_started/challenge.png)
+Other authentication methods are available for Rails applications. Two popular
+authentication add-ons for Rails are the [Devise](https://github.com/plataformatec/devise)
+rails engine and the [Authlogic](https://github.com/binarylogic/authlogic) gem,
+along with a number of others.
+
+
+### Other Security Considerations
+
+Security, especially in web applications, is a broad and detailed area. Security
+in your Rails application is covered in more depth in
+The [Ruby on Rails Security Guide](security.html)
+
+
What's Next?
------------
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-26 02:23:17 +0000