Introduction

Requirements

-Build an MVC Sinatra application.
-Use ActiveRecord with Sinatra.
-Use multiple models.
-Use at least one has_many relationship on a User model and one belongs_to relationship on another model.
-Must have user accounts - users must be able to sign up, sign in, and sign out.
-Validate uniqueness of user login attribute (username or email).
-Once logged in, a user must have the ability to create, read, update and destroy (CRUD) the resource that belongs_to user.
-Ensure that users can edit and delete only their own resources - not resources created by other users.
-Validate user input so bad data cannot be persisted to the database.
-BONUS: Display validation failures to user with error messages. (This is an optional feature, challenge yourself and give it a shot!)
TLTR: Feel free to get the source code.

App Design

The overall plan for this app was to design a web site with a full-stack design, using Sinatra back-end, and ERB files to display the front-end.

Based on the requirements the site includes a user account model which allows the end user to create, read, update, and delete their own orders secure from other users.

Security

To handle the security of the user model, this app utilizes the bcrypt gem to secure the session_secret.

Data Design

The database design is fairly simple. First the users table contains fields for username, email and password_digest as the password field.

Each orders table belongs_to a User based upon each orders user_id.

Controller Design

The application_controller controls the app. It includes the security setup, sets the root path, and includes a few helpers methods for the user model. Specifically, the current_user method which is used to compare the user and session_id to orders later in the source code.

The users_controller concerns validating the user account creation and login.

The orders_controller concerns orders creation, reading, updating, and deleting for the respective user to which they each belong.