deleted and re-generated the restful_authentication framework. I've r…

…emoved the user signup process as it isn't currently needed.

app/controllers/application.rb

@@ -2,8 +2,8 @@
 # Likewise, all the methods added will be available for all controllers.
 
 class ApplicationController < ActionController::Base
-  include AuthenticatedSystem
   helper :all # include all helpers, all the time
+	include AuthenticatedSystem
 
   # See ActionController::RequestForgeryProtection for details
   # Uncomment the :secret if you're not using the cookie session store

app/controllers/sessions_controller.rb

@@ -1,5 +1,6 @@
 # This controller handles the login/logout function of the site.  
 class SessionsController < ApplicationController
+  # Be sure to include AuthenticationSystem in Application Controller instead
 
   # render new.rhtml
   def new
@@ -17,7 +18,7 @@ def create
       new_cookie_flag = (params[:remember_me] == "1")
       handle_remember_cookie! new_cookie_flag
       redirect_back_or_default('/')
-      flash[:success] = "Welcome back #{h(user.login)}"
+      flash[:notice] = "Logged in successfully"
     else
       note_failed_signin
       @login       = params[:login]

app/helpers/users_helper.rb

@@ -17,77 +17,4 @@ def if_authorized?(action, resource, &block)
     end
   end
 
-  #
-  # Link to user's page ('users/1')
-  #
-  # By default, their login is used as link text and link title (tooltip)
-  #
-  # Takes options
-  # * :content_text => 'Content text in place of user.login', escaped with
-  #   the standard h() function.
-  # * :content_method => :user_instance_method_to_call_for_content_text
-  # * :title_method => :user_instance_method_to_call_for_title_attribute
-  # * as well as link_to()'s standard options
-  #
-  # Examples:
-  #   link_to_user @user
-  #   # => <a href="/users/3" title="barmy">barmy</a>
-  #
-  #   # if you've added a .name attribute:
-  #  content_tag :span, :class => :vcard do
-  #    (link_to_user user, :class => 'fn n', :title_method => :login, :content_method => :name) +
-  #          ': ' + (content_tag :span, user.email, :class => 'email')
-  #   end
-  #   # => <span class="vcard"><a href="/users/3" title="barmy" class="fn n">Cyril Fotheringay-Phipps</a>: <span class="email">barmy@blandings.com</span></span>
-  #
-  #   link_to_user @user, :content_text => 'Your user page'
-  #   # => <a href="/users/3" title="barmy" class="nickname">Your user page</a>
-  #
-  def link_to_user(user, options={})
-    raise "Invalid user" unless user
-    options.reverse_merge! :content_method => :login, :title_method => :login, :class => :nickname
-    content_text      = options.delete(:content_text)
-    content_text    ||= user.send(options.delete(:content_method))
-    options[:title] ||= user.send(options.delete(:title_method))
-    link_to h(content_text), user_path(user), options
-  end
-
-  #
-  # Link to login page using remote ip address as link content
-  #
-  # The :title (and thus, tooltip) is set to the IP address 
-  #
-  # Examples:
-  #   link_to_login_with_IP
-  #   # => <a href="/login" title="169.69.69.69">169.69.69.69</a>
-  #
-  #   link_to_login_with_IP :content_text => 'not signed in'
-  #   # => <a href="/login" title="169.69.69.69">not signed in</a>
-  #
-  def link_to_login_with_IP content_text=nil, options={}
-    ip_addr           = request.remote_ip
-    content_text    ||= ip_addr
-    options.reverse_merge! :title => ip_addr
-    if tag = options.delete(:tag)
-      content_tag tag, h(content_text), options
-    else
-      link_to h(content_text), login_path, options
-    end
-  end
-
-  #
-  # Link to the current user's page (using link_to_user) or to the login page
-  # (using link_to_login_with_IP).
-  #
-  def link_to_current_user(options={})
-    if current_user
-      link_to_user current_user, options
-    else
-      content_text = options.delete(:content_text) || 'not signed in'
-      # kill ignored options from link_to_user
-      [:content_method, :title_method].each{|opt| options.delete(opt)} 
-      link_to_login_with_IP content_text, options
-    end
-  end
-
 end

app/models/user.rb

@@ -4,7 +4,6 @@ class User < ActiveRecord::Base
   include Authentication
   include Authentication::ByPassword
   include Authentication::ByCookieToken
-  include Authorization::AasmRoles
 
   validates_presence_of     :login
   validates_length_of       :login,    :within => 3..40
@@ -36,7 +35,7 @@ class User < ActiveRecord::Base
   #
   def self.authenticate(login, password)
     return nil if login.blank? || password.blank?
-    u = find_in_state :first, :active, :conditions => {:login => login} # need to get the salt
+    u = find_by_login(login) # need to get the salt
     u && u.authenticated?(password) ? u : nil
   end
 
@@ -50,10 +49,6 @@ def email=(value)
 
   protected
 
-    def make_activation_code
-        self.deleted_at = nil
-        self.activation_code = self.class.make_token
-    end
 
 
 end

app/views/layouts/application.html.erb

@@ -10,13 +10,6 @@
 		<div id="container">
 			<div id="header">
 				<h1><%= link_to 'RubyJobs', :root %></h1>
-				<p>
-					<% if logged_in? %>
-						Hi <%= current_user.login %> <%= link_to 'logout', :logout %>
-					<% else %>
-						<%= link_to 'login', :login %> / <%= link_to 'signup', :signup %>
-					<% end %>
-				</p>
 			</div>
 			<div id="navigation">
 				<ul>

config/environment.rb

@@ -11,10 +11,7 @@
 require File.join(File.dirname(__FILE__), 'boot')
 
 Rails::Initializer.run do |config|
-
-	config.gem "rubyist-aasm", :source => "http://gems.github.com", :lib => 'aasm'
-
-	config.active_record.observers = :user_observer
+
   config.time_zone = 'UTC'
 
   config.action_controller.session = {

config/initializers/site_keys.rb

@@ -1,4 +1,3 @@
-#NOTE: GJ: I'll remove this file and change key once we are close to deployment, but I'll leave it here for now.
 
 # A Site key gives additional protection against a dictionary attack if your
 # DB is ever compromised.  With no site key, we store
@@ -17,7 +16,7 @@
 # Please note: if you change this, all the passwords will be invalidated, so DO
 # keep it someplace secure.  Use the random value given or type in the lyrics to
 # your favorite Jay-Z song or something; any moderately long, unpredictable text.
-REST_AUTH_SITE_KEY         = 'c4693a7a8637f52082c5bf24d894b9053e7bca3d'
+REST_AUTH_SITE_KEY         = 'dbfa36bab66046775b676fcec6115ef13d5e14fc'
 
 # Repeated applications of the hash make brute force (even with a compromised
 # database and site key) harder, and scale with Moore's law.

config/routes.rb

@@ -3,10 +3,12 @@
   map.login '/login', :controller => 'sessions', :action => 'new'
   map.register '/register', :controller => 'users', :action => 'create'
   map.signup '/signup', :controller => 'users', :action => 'new'
-	map.activate '/activate/:activation_code', :controller => 'users', :action => 'activate', :activation_code => nil
-	
+  map.resources :users
+
   map.resource :session
-	map.resources :users, :member => { :suspend => :put, :unsuspend => :put, :purge => :delete }
+
+	map.activate '/activate/:activation_code', :controller => 'users', :action => 'activate', :activation_code => nil
+		map.resources :users, :member => { :suspend => :put, :unsuspend => :put, :purge => :delete }
 
   map.root :controller => "home"
 end

db/migrate/20081210104519_create_users.rb → db/migrate/20081213105754_create_users.rb

@@ -10,10 +10,8 @@ def self.up
       t.column :updated_at,                :datetime
       t.column :remember_token,            :string, :limit => 40
       t.column :remember_token_expires_at, :datetime
-      t.column :activation_code,           :string, :limit => 40
-      t.column :activated_at,              :datetime
-      t.column :state,                     :string, :null => :no, :default => 'passive'
-      t.column :deleted_at,                :datetime
+
+
     end
     add_index :users, :login, :unique => true
   end

public/stylesheets/main.css

@@ -77,10 +77,6 @@ body {
 		font-size: 			2em;
 	}
 
-	#header p {
-		float: 				right;
-	}
-
 #navigation {
 	background-color: 		#ccc;
 	padding: 				4px;

spec/controllers/sessions_controller_spec.rb

@@ -44,6 +44,7 @@ def do_create
             it "kills existing login"        do controller.should_receive(:logout_keeping_session!); do_create; end    
             it "authorizes me"               do do_create; controller.send(:authorized?).should be_true;   end    
             it "logs me in"                  do do_create; controller.send(:logged_in?).should  be_true  end    
+            it "greets me nicely"            do do_create; response.flash[:notice].should =~ /success/i   end
             it "sets/resets/expires cookie"  do controller.should_receive(:handle_remember_cookie!).with(want_remember_me); do_create end
             it "sends a cookie"              do controller.should_receive(:send_remember_cookie!);  do_create end
             it 'redirects to the home page'  do do_create; response.should redirect_to('/')   end