authkit 0.0.1 → 0.2.1
- checksums.yaml +4 -4
- data/README.md +48 -33
- data/authkit.gemspec +0 -1
- data/lib/authkit/version.rb +1 -1
- data/lib/generators/authkit/install_generator.rb +38 -15
- data/lib/generators/authkit/templates/app/controllers/application_controller.rb +2 -2
- data/lib/generators/authkit/templates/app/controllers/password_reset_controller.rb +9 -3
- data/lib/generators/authkit/templates/app/controllers/sessions_controller.rb +9 -3
- data/lib/generators/authkit/templates/app/controllers/signup_controller.rb +44 -0
- data/lib/generators/authkit/templates/app/controllers/users_controller.rb +3 -43
- data/lib/generators/authkit/templates/app/forms/signup.rb +82 -0
- data/lib/generators/authkit/templates/app/models/user.rb +8 -3
- data/lib/generators/authkit/templates/app/views/{users → signup}/new.html.erb +6 -6
- data/lib/generators/authkit/templates/config/initializers/filter_parameter_logging.rb +22 -0
- data/lib/generators/authkit/templates/spec/controllers/application_controller_spec.rb +9 -8
- data/lib/generators/authkit/templates/spec/controllers/email_confirmation_controller_spec.rb +1 -2
- data/lib/generators/authkit/templates/spec/controllers/password_change_controller_spec.rb +1 -2
- data/lib/generators/authkit/templates/spec/controllers/password_reset_controller_spec.rb +9 -13
- data/lib/generators/authkit/templates/spec/controllers/sessions_controller_spec.rb +9 -20
- data/lib/generators/authkit/templates/spec/controllers/signup_controller_spec.rb +95 -0
- data/lib/generators/authkit/templates/spec/controllers/users_controller_spec.rb +19 -93
- data/lib/generators/authkit/templates/spec/factories/user.rb +11 -0
- data/lib/generators/authkit/templates/spec/forms/signup_spec.rb +91 -0
- data/lib/generators/authkit/templates/spec/models/user_spec.rb +9 -10
- data/lib/generators/authkit/templates/spec/spec_helper.rb +4 -0
- data/spec/spec_helper.rb +2 -0
- metadata +10 -17
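--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e32d463ccc3d5bbb3291b087ddb3c51a4341a2c0
+data.tar.gz: 16ce8e2e4b53acf18863c454c9def5d1e7a26818
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 144e524bb9384e402ef0d0c942e46ce23469858226a354f327cd9ffeaa52b0749a29850a8eb1dac6a4d7d60eb0c7d1e952d958a67e42bb170171961080fe56c3
+data.tar.gz: 9f9f94acc22505797557a18fd69ef532aefae1b57cc38f47bf8287f58e6b26a2f08595eaed136296fba001f798cf1f4972b6c921aa89a3adb44b4c0278139a0d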
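--- a/data/README.md
+++ b/data/README.md
@@ -17,7 +17,8 @@ is right where you would expect it to be.
 ## Features
 
 Authkit supports Ruby down to version 1.9 but targets 2.0. It is built for Rails 4. It is possible
-that it could support Rails 3.x (it
+that it could support Rails 3.x (currently it relies on strong parameters and the Rails 4
+message verifier and `secret_key_base`). Some of the features include:
 
 * Signup (username or email)
 * Login/Logout
@@ -75,17 +76,19 @@ This will add some basic migrations for the user:
 
 It will also create general authentication models and controllers:
 
-
-
-
-
-
-
-
-
-
-
-
+app/models/user.rb
+app/controllers/users_controller.rb
+app/controllers/signup_controller.rb
+app/controllers/sessions_controller.rb
+app/controllers/password_reset_controller.rb
+app/controllers/password_change_controller.rb
+app/controllers/email_confirmation_controller.rb
+app/forms/signup.rb
+app/views/signup/new.html.erb
+app/views/users/edit.html.erb
+app/views/sessions/new.html.erb
+app/views/password_reset/show.html.erb
+app/views/password_change/show.html.erb
 
 And will insert a series of helpers into your application controller:
 
@@ -93,13 +96,16 @@ And will insert a series of helpers into your application controller:
 
 And create corresponding specs:
 
-
-
-
-
-
-
-
+spec/factories/user.rb
+spec/models/user_spec.rb
+spec/forms/signup_spec.rb
+spec/controllers/application_controller_spec.rb
+spec/controllers/users_controller_spec.rb
+spec/controllers/signup_controller_spec.rb
+spec/controllers/sessions_controller_spec.rb
+spec/controllers/password_reset_controller_spec.rb
+spec/controllers/password_change_controller_spec.rb
+spec/controllers/email_confirmation_controller_spec.rb
 
 And a nice helpful email format validator:
 
@@ -107,26 +113,28 @@ And a nice helpful email format validator:
 
 It will also generate a set of routes:
 
-route get
-route post
-route get
-route post
-route get
-route
-route get
-route get
-route
-route
+route get '/email/confirm/:token', to: 'email_confirmation#show', as: :confirm
+route post '/password/reset', to: 'password_reset#create'
+route get '/password/reset', to: 'password_reset#show', as: :password_reset
+route post '/password/change/:token', to: 'password_change#create'
+route get '/password/change/:token', to: 'password_change#show', as: :password_change
+route post '/signup', to: 'signup#create'
+route get '/signup', to: 'signup#new', as: :signup
+route get '/logout', to: 'sessions#destroy', as: :logout
+route get '/login', to: 'sessions#new', as: :login
+route patch '/account', to: 'users#update'
+route get '/account', to: 'users#edit', as: :user
 
 route resources :sessions, only: [:new, :create, :destroy]
-route resources :users, only: [:
+route resources :users, only: [:create]
 
 And will add some gems to your Gemfile:
 
 gemfile active_model_otp
-gemfile bcrypt-ruby (~> 3.
+gemfile bcrypt-ruby (~> 3.1.2)
 gemfile rspec-rails, :test, :development
 gemfile shoulda-matchers, :test, :development
+gemfile factor_girl_rails, :test, :development
 
 Once you have this installed you can remove the gem, however you may want to
 keep the gem installed in development as you will be able to update it
@@ -156,8 +164,15 @@ application.
 
 The specs that are generated utilize a generous amount of mocking and stubbing in
 an attempt to keep them fast. However, they use vanilla `rspec-rails`, meaning
-they are not using
-
+they are not using mocha. The two caveats are shoulda-matchers and FactoryGirl which
+are required. It is pretty easy to remove these dependencies, it just turned out
+that more people were using them than not.
+
+## TODO
+
+* Add oauth2 support (but not logging in?) in the form of facebook support, twitter support, google support
+* Add avatar support (maybe that should be uploadkit)
+* Add full name option (instead of first name and last name)name
 
 ## Contributing
 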
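--- a/data/authkit.gemspec
+++ b/data/authkit.gemspec
@@ -22,6 +22,5 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency "rake"
 spec.add_development_dependency "rspec-rails"
 spec.add_development_dependency "factory_girl_rails"
-spec.add_development_dependency "mocha"
 spec.add_development_dependency "active_model_otp"
 end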
data/lib/authkit/version.rb
CHANGED
@@ -18,6 +18,7 @@ module Authkit
|
|
18
18
|
# Ensure the destination structure
|
19
19
|
empty_directory "app"
|
20
20
|
empty_directory "app/models"
|
21
|
+
empty_directory "app/forms"
|
21
22
|
empty_directory "app/controllers"
|
22
23
|
empty_directory "app/views"
|
23
24
|
empty_directory "app/views/users"
|
@@ -25,6 +26,7 @@ module Authkit
|
|
25
26
|
empty_directory "app/views/password_reset"
|
26
27
|
empty_directory "app/views/password_change"
|
27
28
|
empty_directory "spec"
|
29
|
+
empty_directory "spec/factories"
|
28
30
|
empty_directory "spec/models"
|
29
31
|
empty_directory "spec/controllers"
|
30
32
|
empty_directory "lib"
|
@@ -32,14 +34,20 @@ module Authkit
|
|
32
34
|
# Fill out some templates (for now, this is just straight copy)
|
33
35
|
template "app/models/user.rb", "app/models/user.rb"
|
34
36
|
template "app/controllers/users_controller.rb", "app/controllers/users_controller.rb"
|
37
|
+
template "app/controllers/signup_controller.rb", "app/controllers/signup_controller.rb"
|
35
38
|
template "app/controllers/sessions_controller.rb", "app/controllers/sessions_controller.rb"
|
36
39
|
template "app/controllers/password_reset_controller.rb", "app/controllers/password_reset_controller.rb"
|
37
40
|
template "app/controllers/password_change_controller.rb", "app/controllers/password_change_controller.rb"
|
38
41
|
template "app/controllers/email_confirmation_controller.rb", "app/controllers/email_confirmation_controller.rb"
|
39
42
|
|
43
|
+
template "app/forms/signup.rb", "app/forms/signup.rb"
|
44
|
+
|
45
|
+
template "spec/factories/user.rb", "spec/factories/user.rb"
|
40
46
|
template "spec/models/user_spec.rb", "spec/models/user_spec.rb"
|
47
|
+
template "spec/forms/signup_spec.rb", "spec/forms/signup_spec.rb"
|
41
48
|
template "spec/controllers/application_controller_spec.rb", "spec/controllers/application_controller_spec.rb"
|
42
49
|
template "spec/controllers/users_controller_spec.rb", "spec/controllers/users_controller_spec.rb"
|
50
|
+
template "spec/controllers/signup_controller_spec.rb", "spec/controllers/signup_controller_spec.rb"
|
43
51
|
template "spec/controllers/sessions_controller_spec.rb", "spec/controllers/sessions_controller_spec.rb"
|
44
52
|
template "spec/controllers/password_reset_controller_spec.rb", "spec/controllers/password_reset_controller_spec.rb"
|
45
53
|
template "spec/controllers/password_change_controller_spec.rb", "spec/controllers/password_change_controller_spec.rb"
|
@@ -48,44 +56,52 @@ module Authkit
|
|
48
56
|
template "lib/email_format_validator.rb", "lib/email_format_validator.rb"
|
49
57
|
|
50
58
|
# Don't treat these like templates
|
51
|
-
copy_file "app/views/
|
59
|
+
copy_file "app/views/signup/new.html.erb", "app/views/signup/new.html.erb"
|
52
60
|
copy_file "app/views/users/edit.html.erb", "app/views/users/edit.html.erb"
|
53
61
|
copy_file "app/views/sessions/new.html.erb", "app/views/sessions/new.html.erb"
|
54
62
|
copy_file "app/views/password_reset/show.html.erb", "app/views/password_reset/show.html.erb"
|
55
63
|
copy_file "app/views/password_change/show.html.erb", "app/views/password_change/show.html.erb"
|
56
64
|
|
57
|
-
# We don't want to
|
65
|
+
# We don't want to overwrite this file and we may have a protected section so we want it at the bottom
|
58
66
|
insert_at_end_of_class "app/controllers/application_controller.rb", "app/controllers/application_controller.rb"
|
59
67
|
|
68
|
+
# Technically, we aren't inserting this at the end of the class, but the end of the RSpec::Configure
|
69
|
+
insert_at_end_of_class "spec/spec_helper.rb", "spec/spec_helper.rb"
|
70
|
+
|
71
|
+
insert_at_end_of_file "config/initializers/filter_parameter_logging.rb", "config/initializers/filter_parameter_logging.rb"
|
72
|
+
|
60
73
|
# Need a temp root
|
61
74
|
route "root 'welcome#index'"
|
62
75
|
|
63
76
|
# Setup the routes
|
64
|
-
route "get
|
77
|
+
route "get '/email/confirm/:token', to: 'email_confirmation#show', as: :confirm"
|
65
78
|
|
66
|
-
route "post
|
67
|
-
route "get
|
68
|
-
route "post
|
69
|
-
route "get
|
79
|
+
route "post '/password/reset', to: 'password_reset#create'"
|
80
|
+
route "get '/password/reset', to: 'password_reset#show', as: :password_reset"
|
81
|
+
route "post '/password/change/:token', to: 'password_change#create'"
|
82
|
+
route "get '/password/change/:token', to: 'password_change#show', as: :password_change"
|
70
83
|
|
71
|
-
route "
|
72
|
-
route "get
|
73
|
-
route "get
|
84
|
+
route "post '/signup', to: 'signup#create'"
|
85
|
+
route "get '/signup', to: 'signup#new', as: :signup"
|
86
|
+
route "get '/logout', to: 'sessions#destroy', as: :logout"
|
87
|
+
route "post '/login', to: 'sessions#create'"
|
88
|
+
route "get '/login', to: 'sessions#new', as: :login"
|
74
89
|
|
75
|
-
route "
|
76
|
-
route "get
|
90
|
+
route "patch '/account', to: 'users#update'"
|
91
|
+
route "get '/account', to: 'users#edit', as: :user"
|
77
92
|
|
78
93
|
route "resources :sessions, only: [:new, :create, :destroy]"
|
79
|
-
route "resources :users, only: [:
|
94
|
+
route "resources :users, only: [:create]"
|
80
95
|
|
81
96
|
# Support for has_secure_password and has_one_time_password
|
82
97
|
gem "active_model_otp"
|
83
|
-
gem "bcrypt-ruby", '~> 3.
|
98
|
+
gem "bcrypt-ruby", '~> 3.1.2'
|
84
99
|
|
85
100
|
# RSpec needs to be in the development group to be used in generators
|
86
101
|
gem_group :test, :development do
|
87
102
|
gem "rspec-rails"
|
88
103
|
gem "shoulda-matchers"
|
104
|
+
gem "factory_girl_rails"
|
89
105
|
end
|
90
106
|
end
|
91
107
|
|
@@ -95,11 +111,18 @@ module Authkit
|
|
95
111
|
|
96
112
|
protected
|
97
113
|
|
114
|
+
def insert_at_end_of_file(filename, source)
|
115
|
+
source = File.expand_path(find_in_source_paths(source.to_s))
|
116
|
+
context = instance_eval('binding')
|
117
|
+
content = ERB.new(::File.binread(source), nil, '-', '@output_buffer').result(context)
|
118
|
+
insert_into_file filename, "#{content}\n", before: /\z/
|
119
|
+
end
|
120
|
+
|
98
121
|
def insert_at_end_of_class(filename, source)
|
99
122
|
source = File.expand_path(find_in_source_paths(source.to_s))
|
100
123
|
context = instance_eval('binding')
|
101
124
|
content = ERB.new(::File.binread(source), nil, '-', '@output_buffer').result(context)
|
102
|
-
insert_into_file
|
125
|
+
insert_into_file filename, "#{content}\n", before: /end\n*\z/
|
103
126
|
end
|
104
127
|
|
105
128
|
def generate_migration(filename)
|
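Review bot: The generated route `get '/logout', to: 'sessions#destroy', as: :logout` (routes hunk, new line 86) exposes a state-changing action over GET, which Rails' CSRF protection does not cover. Any cross-site link or image reference, or a browser prefetch, can therefore sign the user out and clear their remember token. I would generate `route "delete '/logout', to: 'sessions#destroy', as: :logout"` instead and have the templates link to it with `method: :delete`. The README route list in this release documents the same GET route and would need the matching change.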
@@ -15,7 +15,7 @@
|
|
15
15
|
|
16
16
|
def current_user
|
17
17
|
return @current_user if defined?(@current_user)
|
18
|
-
@current_user ||= User.
|
18
|
+
@current_user ||= User.where(id: session[:user_id]).first if session[:user_id]
|
19
19
|
@current_user ||= User.user_from_remember_token(cookies.signed[:remember]) unless cookies.signed[:remember].blank?
|
20
20
|
session[:user_id] = @current_user.id if @current_user
|
21
21
|
session[:time_zone] = @current_user.time_zone if @current_user
|
@@ -41,11 +41,11 @@
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def login(user)
|
44
|
+
reset_session
|
44
45
|
@current_user = user
|
45
46
|
current_user.track_sign_in(request.remote_ip) if allow_tracking?
|
46
47
|
current_user.set_token(:remember_token)
|
47
48
|
set_remember_cookie
|
48
|
-
reset_session
|
49
49
|
session[:user_id] = current_user.id
|
50
50
|
session[:time_zone] = current_user.time_zone
|
51
51
|
set_time_zone
|
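Review bot: In `current_user`, the remember-cookie fallback (`User.user_from_remember_token(cookies.signed[:remember])`) is followed by `session[:user_id] = @current_user.id` on the existing session, whereas `login` now calls `reset_session` before it writes anything. With a server-side session store this keeps the pre-authentication session id in use after the user is silently signed in from the cookie; how much that matters depends on the store the host application configures. Consider rotating the session on that path too, or at least record the asymmetry with a comment such as `# remember-cookie sign-in reuses the current session; login is the only path that calls reset_session`. Both method bodies continue outside the hunks shown.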
@@ -3,9 +3,6 @@ class PasswordResetController < ApplicationController
|
|
3
3
|
end
|
4
4
|
|
5
5
|
def create
|
6
|
-
username_or_email = "#{params[:email]}".downcase
|
7
|
-
user = User.find_by_username_or_email(username_or_email) if username_or_email.present?
|
8
|
-
|
9
6
|
if user && user.send_reset_password
|
10
7
|
logout
|
11
8
|
|
@@ -26,4 +23,13 @@ class PasswordResetController < ApplicationController
|
|
26
23
|
end
|
27
24
|
end
|
28
25
|
end
|
26
|
+
|
27
|
+
protected
|
28
|
+
|
29
|
+
def user
|
30
|
+
return @user if defined?(@user)
|
31
|
+
username_or_email = "#{params[:email]}".downcase
|
32
|
+
return if username_or_email.blank?
|
33
|
+
@user = User.where('username = ? OR email = ?', username_or_email, username_or_email).first
|
34
|
+
end
|
29
35
|
end
|
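Review bot: The new protected `user` lookup added here is repeated line for line in `SessionsController` (the `@@ -32,4 +29,13 @@` hunk), so any later change to normalisation or matching has to be made twice and the login and reset paths can drift apart. Moving it to one place, for example a `User` class method that both controllers call, keeps the two entry points resolving accounts identically. In the same lines, `"#{params[:email]}".downcase` reads more plainly as `params[:email].to_s.downcase`, and the early `return if username_or_email.blank?` leaves `@user` undefined, so the `defined?(@user)` memo does not cache a blank-input miss. The input is lowercased but the SQL compares against the stored columns as they are, so this presumably relies on the model storing usernames and emails in lowercase; that is not visible on this page.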
@@ -4,9 +4,6 @@ class SessionsController < ApplicationController
|
|
4
4
|
end
|
5
5
|
|
6
6
|
def create
|
7
|
-
username_or_email = "#{params[:email]}".downcase
|
8
|
-
user = User.find_by_username_or_email(username_or_email) if username_or_email.present?
|
9
|
-
|
10
7
|
if user && user.authenticate(params[:password])
|
11
8
|
login(user)
|
12
9
|
respond_to do |format|
|
@@ -32,4 +29,13 @@ class SessionsController < ApplicationController
|
|
32
29
|
format.html { redirect_to root_path }
|
33
30
|
end
|
34
31
|
end
|
32
|
+
|
33
|
+
protected
|
34
|
+
|
35
|
+
def user
|
36
|
+
return @user if defined?(@user)
|
37
|
+
username_or_email = "#{params[:email]}".downcase
|
38
|
+
return if username_or_email.blank?
|
39
|
+
@user = User.where('username = ? OR email = ?', username_or_email, username_or_email).first
|
40
|
+
end
|
35
41
|
end
|
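Review bot: `create` evaluates `user && user.authenticate(params[:password])`, so a request naming an unknown account returns without any bcrypt work while a known account pays the full hashing cost. That response-time gap can let a client distinguish registered from unregistered identifiers even when the error message is the same. A common mitigation is to run the comparison against a fixed dummy digest when `user` is nil and to rate-limit the endpoint; neither is visible in this hunk, and the rest of `create` lies outside it.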
@@ -0,0 +1,44 @@
|
|
1
|
+
class SignupController < ApplicationController
|
2
|
+
respond_to :html, :json
|
3
|
+
|
4
|
+
# Create a new Signup form model (found in app/forms/signup.rb)
|
5
|
+
def new
|
6
|
+
@signup = Signup.new
|
7
|
+
end
|
8
|
+
|
9
|
+
def create
|
10
|
+
@signup = Signup.new(signup_params)
|
11
|
+
|
12
|
+
if @signup.save
|
13
|
+
login(@signup.user)
|
14
|
+
respond_to do |format|
|
15
|
+
format.json { head :no_content }
|
16
|
+
format.html {
|
17
|
+
redirect_to root_path
|
18
|
+
}
|
19
|
+
end
|
20
|
+
else
|
21
|
+
respond_to do |format|
|
22
|
+
format.json { render json: { status: 'error', errors: @signup.errors }.to_json, status: 422 }
|
23
|
+
format.html { render :new }
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
protected
|
29
|
+
|
30
|
+
def signup_params
|
31
|
+
params.require(:signup).permit(
|
32
|
+
:email,
|
33
|
+
:username,
|
34
|
+
:password,
|
35
|
+
:password_confirmation,
|
36
|
+
:first_name,
|
37
|
+
:last_name,
|
38
|
+
:bio,
|
39
|
+
:website,
|
40
|
+
:phone_number,
|
41
|
+
:time_zone)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
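Review bot: `signup_params` does not permit `:terms_of_service`, yet the `Signup` form object this controller builds declares `validates :terms_of_service, acceptance: true`. Strong parameters drop the field, and Rails' acceptance validator skips nil values by default, so the check passes without the box ever being submitted. If acceptance is meant to be enforced, add `:terms_of_service` to the permit list and make the validator strict with `acceptance: { allow_nil: false }`; if it is not, removing the validation avoids implying an enforcement that does not happen. The portion of the signup view shown on this page does not include a terms checkbox either.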
@@ -3,28 +3,6 @@ class UsersController < ApplicationController
|
|
3
3
|
|
4
4
|
respond_to :html, :json
|
5
5
|
|
6
|
-
# Signup
|
7
|
-
def new
|
8
|
-
@user = User.new
|
9
|
-
end
|
10
|
-
|
11
|
-
def create
|
12
|
-
@user = User.new(user_create_params)
|
13
|
-
if @user.save
|
14
|
-
@user.send_confirmation
|
15
|
-
login(@user)
|
16
|
-
respond_to do |format|
|
17
|
-
format.json { head :no_content }
|
18
|
-
format.html { redirect_to root_path }
|
19
|
-
end
|
20
|
-
else
|
21
|
-
respond_to do |format|
|
22
|
-
format.json { render json: { status: 'error', errors: @user.errors }.to_json, status: 422 }
|
23
|
-
format.html { render :new }
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
6
|
def edit
|
29
7
|
@user = current_user
|
30
8
|
end
|
@@ -34,7 +12,7 @@ class UsersController < ApplicationController
|
|
34
12
|
|
35
13
|
orig_confirmation_email = @user.confirmation_email
|
36
14
|
|
37
|
-
if @user.update_attributes(
|
15
|
+
if @user.update_attributes(user_params)
|
38
16
|
# Send a new email confirmation if the user updated their email address
|
39
17
|
if @user.confirmation_email.present? &&
|
40
18
|
@user.confirmation_email != @user.email &&
|
@@ -43,7 +21,7 @@ class UsersController < ApplicationController
|
|
43
21
|
end
|
44
22
|
respond_to do |format|
|
45
23
|
format.json { head :no_content }
|
46
|
-
format.html { redirect_to
|
24
|
+
format.html { redirect_to account_path }
|
47
25
|
end
|
48
26
|
else
|
49
27
|
respond_to do |format|
|
@@ -55,25 +33,7 @@ class UsersController < ApplicationController
|
|
55
33
|
|
56
34
|
protected
|
57
35
|
|
58
|
-
|
59
|
-
# when signing up you are setting the email, and when changing your settings you
|
60
|
-
# are setting the confirmation email.
|
61
|
-
|
62
|
-
def user_create_params
|
63
|
-
params.require(:user).permit(
|
64
|
-
:email,
|
65
|
-
:username,
|
66
|
-
:password,
|
67
|
-
:password_confirmation,
|
68
|
-
:first_name,
|
69
|
-
:last_name,
|
70
|
-
:bio,
|
71
|
-
:website,
|
72
|
-
:phone_number,
|
73
|
-
:time_zone)
|
74
|
-
end
|
75
|
-
|
76
|
-
def user_update_params
|
36
|
+
def user_params
|
77
37
|
params.require(:user).permit(
|
78
38
|
:confirmation_email,
|
79
39
|
:username,
|
@@ -0,0 +1,82 @@
|
|
1
|
+
# Multi-model form support object for signup and user creation
|
2
|
+
class Signup
|
3
|
+
include ActiveModel::Model
|
4
|
+
|
5
|
+
attr_accessor :user
|
6
|
+
|
7
|
+
# User
|
8
|
+
attr_accessor(
|
9
|
+
:email,
|
10
|
+
:username,
|
11
|
+
:password,
|
12
|
+
:password_confirmation,
|
13
|
+
:first_name,
|
14
|
+
:last_name,
|
15
|
+
:bio,
|
16
|
+
:website,
|
17
|
+
:phone_number,
|
18
|
+
:time_zone)
|
19
|
+
|
20
|
+
attr_accessor(
|
21
|
+
:terms_of_service)
|
22
|
+
|
23
|
+
validates :terms_of_service, acceptance: true
|
24
|
+
validate :validate_models
|
25
|
+
|
26
|
+
def persisted?
|
27
|
+
false
|
28
|
+
end
|
29
|
+
|
30
|
+
def save
|
31
|
+
if valid?
|
32
|
+
persist!
|
33
|
+
send_confirmation!
|
34
|
+
send_welcome!
|
35
|
+
true
|
36
|
+
else
|
37
|
+
false
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def user
|
42
|
+
return @user if @user
|
43
|
+
@user = User.new(user_params)
|
44
|
+
@user
|
45
|
+
end
|
46
|
+
|
47
|
+
private
|
48
|
+
|
49
|
+
def validate_models
|
50
|
+
self.user.errors.each { |k, v| errors[k] = v } unless self.user.valid?
|
51
|
+
end
|
52
|
+
|
53
|
+
def persist!
|
54
|
+
ActiveRecord::Base.transaction do
|
55
|
+
self.user.save!
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def send_confirmation!
|
60
|
+
self.user.send_confirmation
|
61
|
+
end
|
62
|
+
|
63
|
+
def send_welcome!
|
64
|
+
self.user.send_welcome
|
65
|
+
end
|
66
|
+
|
67
|
+
def user_params
|
68
|
+
{
|
69
|
+
email: self.email,
|
70
|
+
username: self.username,
|
71
|
+
password: self.password,
|
72
|
+
password_confirmation: self.password_confirmation,
|
73
|
+
first_name: self.first_name,
|
74
|
+
last_name: self.last_name,
|
75
|
+
bio: self.bio,
|
76
|
+
website: self.website,
|
77
|
+
phone_number: self.phone_number,
|
78
|
+
time_zone: self.time_zone
|
79
|
+
}
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
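Review bot: `save` returns true or false for validation failures, but `persist!` calls `self.user.save!`, so anything that fails after `valid?` has passed (a uniqueness race on email or username, a database constraint) raises out of `save`, and nothing in `SignupController#create` as shown on this page rescues it. Rescuing inside `save` keeps the form's boolean contract: `rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotUnique`, then copy the user's errors and return `false`. `send_confirmation!` and `send_welcome!` run after the transaction with their results ignored, which deserves a comment if that is deliberate. Separately, `attr_accessor :user` is immediately shadowed by the explicit `def user`, leaving only a public `user=` writer; `attr_writer :user`, or dropping the accessor, states the intent.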
@@ -32,9 +32,9 @@ class User < ActiveRecord::Base
|
|
32
32
|
validate :confirmation_email_uniqueness, if: :confirmation_email_set?
|
33
33
|
|
34
34
|
def self.user_from_token(token)
|
35
|
-
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.
|
35
|
+
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.secret_key_base)
|
36
36
|
id = verifier.verify(token)
|
37
|
-
User.
|
37
|
+
User.where(id: id).first
|
38
38
|
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
39
39
|
nil
|
40
40
|
end
|
@@ -45,7 +45,7 @@ class User < ActiveRecord::Base
|
|
45
45
|
# to bubble up.
|
46
46
|
def set_token(field)
|
47
47
|
return unless self.persisted?
|
48
|
-
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.
|
48
|
+
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.secret_key_base)
|
49
49
|
self.send("#{field}_created_at=", Time.now)
|
50
50
|
self.send("#{field}=", verifier.generate(self.id))
|
51
51
|
self.save
|
@@ -90,6 +90,11 @@ class User < ActiveRecord::Base
|
|
90
90
|
self.save
|
91
91
|
end
|
92
92
|
|
93
|
+
def send_welcome
|
94
|
+
# TODO: insert your mailer logic here
|
95
|
+
true
|
96
|
+
end
|
97
|
+
|
93
98
|
def clear_remember_token
|
94
99
|
self.remember_token = nil
|
95
100
|
self.remember_token_created_at = nil
|
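Review bot: `set_token` signs only the record id (`verifier.generate(self.id)`), and a message-verifier signature over the same payload and key is deterministic, so a user's token is the same string for every field and every re-issue. `user_from_token` then resolves any validly signed id, so unless callers outside these hunks also compare against the stored column and its `_created_at`, a token issued for one purpose identifies the user for another, and a leaked token cannot be rotated by calling `set_token` again. Sign a payload that carries the purpose and a random nonce, for example `verifier.generate([field.to_s, self.id, SecureRandom.hex(16)])`, and check the purpose on verify. Passing `secret_key_base` directly to `MessageVerifier` also reuses the secret that protects cookies; a derived key from `Rails.application.key_generator.generate_key(SALT)` (SALT being a constant chosen for these tokens) keeps the two apart.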
@@ -1,19 +1,19 @@
|
|
1
1
|
<h1>Sign Up</h1>
|
2
2
|
|
3
|
-
<% if @
|
3
|
+
<% if @signup.errors.any? %>
|
4
4
|
<div id="error_explanation">
|
5
5
|
<div class="alert alert-error">
|
6
|
-
The form contains <%= pluralize(@
|
6
|
+
The form contains <%= pluralize(@signup.errors.count, "error") %>.
|
7
7
|
</div>
|
8
8
|
<ul>
|
9
|
-
<% @
|
9
|
+
<% @signup.errors.full_messages.each do |msg| %>
|
10
10
|
<li>* <%= msg %></li>
|
11
11
|
<% end %>
|
12
12
|
</ul>
|
13
13
|
</div>
|
14
14
|
<% end %>
|
15
15
|
|
16
|
-
<%= form_for @
|
16
|
+
<%= form_for @signup, url: signup_path do |f| %>
|
17
17
|
<div class="field">
|
18
18
|
<%= f.label "first_name" %>
|
19
19
|
<%= f.text_field "first_name" %>
|
@@ -48,11 +48,11 @@
|
|
48
48
|
</div>
|
49
49
|
<div class="field">
|
50
50
|
<%= f.label "password" %>
|
51
|
-
<%= f.
|
51
|
+
<%= f.password_field "password" %>
|
52
52
|
</div>
|
53
53
|
<div class="field">
|
54
54
|
<%= f.label "password_confirmation" %>
|
55
|
-
<%= f.
|
55
|
+
<%= f.password_field "password_confirmation" %>
|
56
56
|
</div>
|
57
57
|
<%= f.submit "Sign up" %>
|
58
58
|
<% end %>
|
@@ -0,0 +1,22 @@
|
|
1
|
+
|
2
|
+
# Authkit specific parameters should be filtered from logs and errors. This
|
3
|
+
# prevents them from unintentionally appearing in reports or leaking when
|
4
|
+
# doing reviews.
|
5
|
+
Rails.application.config.filter_parameters += [
|
6
|
+
:password,
|
7
|
+
:password_confirmation,
|
8
|
+
:otp_secret_key,
|
9
|
+
:token,
|
10
|
+
:remember_token,
|
11
|
+
:confirmation_token,
|
12
|
+
:reset_password_token,
|
13
|
+
:unlock_token,
|
14
|
+
:first_name,
|
15
|
+
:last_name,
|
16
|
+
:phone_number,
|
17
|
+
:username,
|
18
|
+
:email,
|
19
|
+
:confirmation_email,
|
20
|
+
:current_sign_in_ip,
|
21
|
+
:last_sign_in_ip
|
22
|
+
]
|
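Review bot: The header comment does not say that Rails matches `filter_parameters` symbols as substrings of the parameter name. `:token` therefore already covers `remember_token`, `confirmation_token`, `reset_password_token` and `unlock_token` (and `authenticity_token`), `:password` covers `password_confirmation`, and `:email` covers `confirmation_email`. The explicit entries are harmless, but a reader may assume matching is exact, or be surprised when an unrelated parameter whose name contains `email` or `username` is masked in the logs. I would add a line to the comment such as `# Entries match as substrings of the parameter name, so :token also filters every *_token param.`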