How to Validate User Login Data in Ruby on Rails

Written by usagi-bonilla | Published 2020/07/14
Tech Story Tags: ruby-on-rails | active-record | email-validation | validator | web-development | ruby | programming | software-development | web-monetization

TLDR HTML5 provides instant validation trough input: type and required tags. Ruby on Rails uses Active Record Validations to ensure the information in the database is consistent and adds an extra security layer to our deployed applications. In this quick guide, we will validate a table with name, email, and password: fields used when a user’s login feature is required. We use the presence validator whenever we need the input to exist. We also use the length validator to a 255 maximum to avoid database overflowing.via the TL;DR App
When building applications we try to make sure the data our users are submitting is reliable and useful.
Ensuring valid data is sent before saving any changes to the database is called validation.
Traditionally, HTML5 provides instant validation trough input: type and required tags.
Rails use Active Record Validations to ensure the information in the database is consistent and adds an extra security layer to our deployed
projects.
While there are a variety of options available within Rails guides, a couple of quick configurations to validate the most common user input can go a long way.
In this quick guide, we will validate a table with name, email, and
password: fields used when a user’s login feature is required
Let’s get started by creating a new Rails App (or open your existing project) with default database configuration.
$ rails new rails-sample
The next step is to create a sample table with basic required cells for a user’s login.
$ rails generate scaffold User name:string email:string password:string
don’t forget to create and migrate your database.
$ rails db:create
$ rails db:migrate
you should have this on app/model/user.rb:
class User < ApplicationRecord
end
and your database schema (./bd/schema.rb) should be this.
create_table “users”, force: :cascade do |t|
t.string “name”
t.string “email”
t.string “password”
t.datetime “created_at”, precision: 6, null: false
t.datetime “updated_at”, precision: 6, null: false
end
now we can start adding the essential validations
Presence
We use the presence validator whenever we need the input to exist. In this example we need all our fields to be present in order to validate the entry:
class User < ApplicationRecord
validates :name, presence: true
validates :email, presence: true
validates :password, presence: true
end
now, let’s use rails console sandbox to be sure our validators are working:
$ rails console --sandbox
> user1 = User.create(email: "email1", password: "sample1")
=> #<User id: nil, name: nil, email: "email1", password: [FILTERED], created_at: nil, updated_at: nil>
> user1.valid?
=> false
we created user1 without any name thus, valid? = false, let's try again
> user = User.create(name: "user1", email: "email1", password: "sample1")
=> #<User id: 1, name: "user1", email: "email1", password: [FILTERED], created_at: "2020-07-08 17:06:32", updated_at: "2020-07-08 17:06:32">
> user.valid?
=> true
¡Much better!.
Length
we use the length validator to a 255 maximum to avoid any database overflowing.
class User < ApplicationRecord
validates :name, presence: true, length: { minimum: 3, maximum: 25 }
validates :email, presence: true, length: { minimum: 10, maximum: 255 }
validates :password, presence: true, length: { minimum: 6, maximum: 255 }
end
Regex format
for email validation, we use regular expression format like this one:
/\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i
We update our model using this regular expression and format: validator
class User < ApplicationRecord

VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i.freeze

validates :name, presence: true, length: { minimum: 3, maximum: 25 }
validates :password, presence: true, length: { minimum: 6, maximum: 255 }
validates :email, presence: true, length: { minimum: 10, maximum: 255 },format: { with: VALID_EMAIL_REGEX }
end
Uniqueness
We can add a uniqueness validation to avoid any email duplicates disabling case sensitivity:
class User < ApplicationRecord

VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i.freeze

validates :name, presence: true, length: { minimum: 3, maximum: 25 }
validates :password, presence: true, length: { minimum: 6, maximum: 255 }
validates :email, presence: true, length: { minimum: 10, maximum: 255 },format: { with: VALID_EMAIL_REGEX },uniqueness: { case_sensitive: false }
end
and finally we run rails console to ensure our validations are in order
$ rails console --sandbox

> user = User.create(name: "user1", email: "[email protected]", password: "password")
=> #<User id: 1, name: "user1", email: "[email protected]", password: [FILTERED], created_at: "2020-07-08 17:26:29", updated_at: "2020-07-08 17:26:29">

> user.valid?
=> true
this essential validation process will add an extra filter to ensure data liability in any Rails app.
you can add as many validations as you see fit, check Ruby guides for the complete documentation.
Written by usagi-bonilla | Full Stack Developer in never ending training
Published by HackerNoon on 2020/07/14
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy