as_user 0.0.2 → 0.0.3

data/CHANGELOG.rdoc

@@ -1,3 +1,9 @@
+== 0.0.3
+* basic user signup,signin,signout,update feature
+* no remember me
+* no mail confirmation
+* no token authentication
+* nothing else
 
 == 0.0.2
 

data/app/controllers/as_user/abouts_controller.rb

@@ -0,0 +1,11 @@
+require_dependency "as_user/application_controller"
+
+module AsUser
+  class AboutsController < ApplicationController
+    # GET /users
+    # GET /users.json
+    def index
+  
+    end
+  end
+end

data/app/controllers/as_user/application_controller.rb

@@ -1,4 +1,5 @@
 module AsUser
   class ApplicationController < ActionController::Base
+    include SessionsHelper
   end
 end

data/app/controllers/as_user/sessions_controller.rb

@@ -0,0 +1,30 @@
+require_dependency "as_user/application_controller"
+
+module AsUser
+  class SessionsController < ApplicationController
+    def new
+      if signed_in? then
+        redirect_to current_user
+      end
+    end
+
+    def create
+      user = User.find_by_email params[:session][:email].downcase
+      if user && user.authenticate(params[:session][:password])
+        sign_in user
+        redirect_back_or user
+      else
+        flash.now[:error] = "Invalid email/password combination"
+        render 'new'
+      end
+    end
+
+    def destroy
+      sign_out
+      redirect_to root_path, notice: "signed out."
+    end
+  
+  end
+end
+
+

data/app/controllers/as_user/users_controller.rb

@@ -2,6 +2,8 @@ require_dependency "as_user/application_controller"
 
 module AsUser
   class UsersController < ApplicationController
+    before_filter :signed_in_as_self, except: [:index, :show, :new, :create]
+
     # GET /users
     # GET /users.json
     def index
@@ -35,11 +37,6 @@ module AsUser
       end
     end
   
-    # GET /users/1/edit
-    def edit
-      @user = User.find(params[:id])
-    end
-  
     # POST /users
     # POST /users.json
     def create
@@ -47,35 +44,43 @@ module AsUser
   
       respond_to do |format|
         if @user.save
+          sign_in @user
           format.html { redirect_to @user, notice: 'User was successfully created.' }
           format.json { render json: @user, status: :created, location: @user }
         else
+          flash[:error]="create user failed."
           format.html { render action: "new" }
           format.json { render json: @user.errors, status: :unprocessable_entity }
         end
       end
     end
   
+    # GET /users/1/edit
+    def edit
+    end
+  
+    def edit_password
+    end
+  
     # PUT /users/1
     # PUT /users/1.json
     def update
-      @user = User.find(params[:id])
-  
       respond_to do |format|
         if @user.update_attributes(params[:user])
           format.html { redirect_to @user, notice: 'User was successfully updated.' }
           format.json { head :no_content }
         else
-          format.html { render action: "edit" }
+          flash[:error] = "update password failed."
+          format.html { redirect_to @user }
           format.json { render json: @user.errors, status: :unprocessable_entity }
         end
       end
     end
-  
+
     # DELETE /users/1
     # DELETE /users/1.json
     def destroy
-      @user = User.find(params[:id])
+      #@user = User.find(params[:id])
       @user.destroy
   
       respond_to do |format|
@@ -83,5 +88,19 @@ module AsUser
         format.json { head :no_content }
       end
     end
+
+    private
+    def signed_in_as_self
+      @user = User.find(params[:id])
+      if current_user
+        unless current_user?(@user)
+          flash[:error] = "can only modify your own account."
+          redirect_to root_path
+        end
+      else
+        store_location
+        redirect_to signin_path
+      end
+    end
   end
 end

data/app/helpers/as_user/sessions_helper.rb

@@ -0,0 +1,41 @@
+module AsUser
+  module SessionsHelper
+    def sign_in(user)
+      session[:user_id] = user.id
+      self.current_user = user
+    end
+
+    def signed_in?
+      #session[:original_url] = request.url
+      !current_user.nil?
+    end
+
+    def sign_out
+      #cookies.delete(:remember_token)
+      session[:user_id] = nil
+      self.current_user = nil
+    end
+
+    def current_user=(user)
+      @current_user = user
+    end
+
+    def current_user
+      #@current_user ||= User.find_by_remember_token(cookies[:remember_token])
+      @current_user ||= User.find_by_id(session[:user_id]) if session[:user_id]
+    end
+
+    def current_user?(user)
+      user == current_user
+    end
+
+    def redirect_back_or(default)
+      redirect_to(session[:return_to] || default)
+      session.delete(:return_to)
+    end
+
+    def store_location
+      session[:return_to] = request.url
+    end
+  end
+end

data/app/models/user.rb

@@ -1,3 +1,15 @@
+# == Schema Information
+#
+# Table name: users
+#
+#  id              :integer          not null, primary key
+#  email           :string(255)      not null
+#  name            :string(100)
+#  password_digest :string(60)
+#  created_at      :datetime         not null
+#  updated_at      :datetime         not null
+#
+
 class User < ActiveRecord::Base
   self.table_name = "users"
   attr_accessible :email, :name, :password, :password_confirmation
@@ -10,6 +22,7 @@ class User < ActiveRecord::Base
   validates :email, presence: true,
     format:         {with: VALID_EMAIL_REGEX},
     uniqueness:     {case_sensitive: false}
-  validates :password, presence: true, length: {minimum: 3}
-  validates :password_confirmation, presence: true
+  validates :password, :password_confirmation, presence: true, length: {minimum: 3}, if: Proc.new { |user|
+    user.new_record? or user.password
+  }
 end

data/app/views/as_user/abouts/index.html.erb

@@ -0,0 +1,10 @@
+
+<br/>
+<br/>
+welcome to use as_user gem for user handling
+<br/>
+<br/>
+manual to be done...
+
+<%= link_to 'Signin', signin_path %>
+<%= link_to 'Signup', signup_path %>

data/app/views/as_user/sessions/new.html.erb

@@ -0,0 +1,18 @@
+<h1>Sign in</h1>
+
+<div class="message_box">
+	<%= flash[:error] if flash[:error] %>
+</div>
+
+<div class="login_form">
+	<%= form_for(:session, url: sessions_path) do |f| %>
+		<%= f.label :email %>
+		<%= f.text_field :email %>
+
+		<%= f.label :password %>
+		<%= f.password_field :password %>
+
+		<%= f.submit "Sign in" %>
+	<%end%>
+</div>
+

data/app/views/as_user/users/_form.html.erb

@@ -20,8 +20,12 @@
     <%= f.text_field :name %>
   </div>
   <div class="field">
-    <%= f.label :password_digest %><br />
-    <%= f.text_field :password_digest %>
+    <%= f.label :password%><br />
+    <%= f.password_field :password%>
+  </div>
+  <div class="field">
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation %>
   </div>
   <div class="actions">
     <%= f.submit %>

data/app/views/as_user/users/edit.html.erb

@@ -1,6 +1,19 @@
 <h1>Editing user</h1>
 
-<%= render 'form' %>
+<%#= render 'form' %>
+<%= form_for(@user) do |f| %>
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.text_field :email %>
+  </div>
+  <div class="field">
+    <%= f.label :name %><br />
+    <%= f.text_field :name %>
+  </div>
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>
 
 <%= link_to 'Show', @user %> |
 <%= link_to 'Back', users_path %>

data/app/views/as_user/users/edit_password.html.erb

@@ -0,0 +1,20 @@
+<h1>Editing user</h1>
+
+<%#= render 'form' %>
+<%= form_for(@user) do |f| %>
+  <h3><%=@user.name%></h3>
+  <h3><%=@user.email%></h3>
+  <div class="field">
+    <%= f.label :password %><br />
+    <%= f.password_field :password %>
+  </div>
+  <div class="field">
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation %>
+  </div>
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>
+
+<%= link_to 'Show', @user %> |

data/app/views/as_user/users/index.html.erb

@@ -1,23 +1,17 @@
-<h1>Listing users</h1>
+<h1>users</h1>
 
 <table>
   <tr>
+    <th>Id</th>
     <th>Email</th>
     <th>Name</th>
-    <th>Password digest</th>
-    <th></th>
-    <th></th>
-    <th></th>
   </tr>
 
 <% @users.each do |user| %>
   <tr>
-    <td><%= user.email %></td>
+    <td><%= user.id %></td>
+    <td><%= "***" || user.email %></td>
     <td><%= user.name %></td>
-    <td><%= user.password_digest %></td>
-    <td><%= link_to 'Show', user %></td>
-    <td><%= link_to 'Edit', edit_user_path(user) %></td>
-    <td><%= link_to 'Destroy', user, method: :delete, data: { confirm: 'Are you sure?' } %></td>
   </tr>
 <% end %>
 </table>
@@ -25,3 +19,4 @@
 <br />
 
 <%= link_to 'New User', new_user_path %>
+<%= link_to 'Signin', signin_path %>

data/app/views/as_user/users/show.html.erb

@@ -1,8 +1,8 @@
 <p id="notice"><%= notice %></p>
 
 <p>
-  <b>Email:</b>
-  <%= @user.email %>
+  <b>Id:</b>
+  <%= @user.id %>
 </p>
 
 <p>
@@ -10,11 +10,5 @@
   <%= @user.name %>
 </p>
 
-<p>
-  <b>Password digest:</b>
-  <%= @user.password_digest %>
-</p>
-
-
-<%= link_to 'Edit', edit_user_path(@user) %> |
 <%= link_to 'Back', users_path %>
+<%= link_to 'Logout', signout_path,method: :delete if current_user%>

data/config/routes.rb

@@ -1,5 +1,15 @@
 AsUser::Engine.routes.draw do
-  resources :users
+  resources :users do
+    member do
+      get :edit_password
+    end
+  end
+  resources :sessions, only: [:new, :create, :destroy]
 
+  match "/signup", to: 'users#new'
+  match "/signin", to: 'sessions#new'
+  match "/signout", to: 'sessions#destroy', via: :delete
 
+  get "abouts/index" => "abouts#index"
+  root to: "abouts#index"
 end

data/lib/as_user/version.rb

@@ -1,3 +1,3 @@
 module AsUser
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

data/test/as_user_test.rb

@@ -1,7 +1,7 @@
 require 'test_helper'
 
 class AsUserTest < ActiveSupport::TestCase
-  test "truth" do
+  test "AsUser should be Module" do
     assert_kind_of Module, AsUser
   end
 end

data/test/dummy/config/routes.rb

@@ -1,4 +1,3 @@
 Rails.application.routes.draw do
-
   mount AsUser::Engine => "/as_user"
 end