In order to create a more serviceable website with user accounts and UI interactions, we need a home page that allows users to login or register.
When a user visits www.balldontlie.io, they're presented a home page.
The home page has options to
1) view documentation (the current documentation page should be available at www.balldontlie.io/docs)
2) login
Either present a new page (balldontlie.io/login) or a modal. I don't have a strong preference.
Present a form with email and password
When a user logs in successfully, the options to login or register are removed, and we display the API token instead
3) register
Either present a new page (balldontlie.io/register) or a modal. I don't have a strong preference.
Present a form with email, password, and confirm password.
Ideally we require email confirmation.
No strong opinion on password requirements.
When a user successfully registers, we reload the home page and remove the login and register options and display
1) the API token if we don't implement email confirmation
2) some message that says they need to confirm their email to receive their API token
class Application < Rails::Application
config.load_defaults 5.2
config.api_only = true
config.middleware.use ActionDispatch::Cookies
config.middleware.use ActionDispatch::Session::CookieStore
end
class ApplicationController < ActionController::API
include ActionController::Cookies
include ActionController::RequestForgeryProtection
protect_from_forgery with: :exception
...
end
Since this will be a single page app, we can make a request to an endpoint on the initial render that checks to see if the user is logged in.
In order to create a more serviceable website with user accounts and UI interactions, we need a home page that allows users to login or register.
loginorregisterare removed, and we display the API token instead 3) registerloginandregisteroptions and display 1) the API token if we don't implement email confirmation 2) some message that says they need to confirm their email to receive their API tokenI want to use react on the frontend. Even though it's overkill for this feature, it'll be a good foundation to build on in the event we want to build out more features. Let's use create-react-app with typescript (https://facebook.github.io/create-react-app/docs/adding-typescript) enabled. I don't think we need to use devise for auth — we can hand-roll something super simple (use has_secure_password for user model https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html). Since rails is in API mode, we'll need to include sessions and cookies:
Since this will be a single page app, we can make a request to an endpoint on the initial render that checks to see if the user is logged in.