Create customers, manage authentication and authorization.

Customer account management

In order for a customer to place an order, he/she must create an account first. this allow customers to track their orders, and let the store admin had enough information to deliver the order.

Tradenity API offers the Customer resource which provides all the necessary infrastructure to create and manage user account, login and logout, safely store sensitive information such as password in encrypted format.

In this section we will learn how to integrate Tradenity Customer resource and related services within your application to allow your customers to create and manage their accounts.

Register new customer

app/controllers/accounts_controller.rb


def new
  @customer = Customer.new
end

The registration form looks like this:


<h2>Registration</h2>
<div class="registration-grids">
    <div class="reg-form">
        <div class="reg">
            <p>Welcome, please enter the following details to continue.</p>
            <p>If you have previously registered with us, <a href="/login">click here to login</a></p>
            <%= form_tag create_customer_path do  %>
                <ul>
                    <li class="text-info">First Name: </li>
                    <li><%= text_field_tag 'customer[firstName]', @customer.firstName %></li>
                </ul>
                <ul>
                    <li class="text-info">Last Name: </li>
                    <li><%= text_field_tag 'customer[lastName]', @customer.lastName %></li>
                </ul>
                <ul>
                    <li class="text-info">Email: </li>
                    <li><%= text_field_tag 'customer[email]', @customer.email %></li>
                </ul>
                <ul>
                    <li class="text-info">Username: </li>
                    <li><%= text_field_tag 'customer[username]', @customer.username %></li>
                </ul>
                <ul>
                    <li class="text-info">Password: </li>
                    <li><%= password_field_tag 'customer[password]' %></li>
                </ul>
                <ul>
                    <li class="text-info">Re-enter Password:</li>
                    <li><%= password_field_tag 'customer[confirmPassword]' %></li>
                </ul>

                <input type="submit" value="REGISTER NOW"/>
                <p class="click">By clicking this button, you are agree to my  <a href="#">Policy Terms and Conditions.</a></p>
            <% end %>
        </div>
    </div>

To create a new Customer instance, we simply populate the Customer instance with data, then call Customer#create method.

app/controllers/accounts_controller.rb


def create
    @customer = Customer.new(params[:customer])
    @customer.create()
    redirect_to login_url
end

Login

Now, the customer created successfully. let’s implement the login functionality. We try to get a customer with the specified ID using Customer#find_by_username method. If it returns valid customer, we check the password.

Please note that the password stored as encrypted text using bcrypt algorithm, so to check for its validity, either use the provided Customer#is_valid_password or implement your own bcrypt matching. plain text comparison will not work.

app/controllers/session_controller.rb


def create
    customer = Customer.find_by_username(params[:username])
    if customer != nil && customer.valid_password?(params[:password])
      session[:customer_id] = customer.id
      if session.has_key? :target_url
        target_url = session[:target_url]
        session.delete(:target_url)
      else
        target_url = '/'
      end
      redirect_to target_url, notice: 'Logged in successfully!'
    else
      redirect_to action: :new, flash: 'Invalid credentials'
    end
end

Logout

app/controllers/session_controller.rb


def destroy
    session.delete(:customer_id)
    redirect_to '/'
end