
Added user authentication

commit e36667b5615f106e3c25323ae5d709fb32c1c4b8 1 parent 1bce34b
@florida authored
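--- a/Gemfile
+++ b/Gemfile
@@ -7,7 +7,7 @@ gem 'rails', '3.2.8'
 gem 'sqlite3'
-
+gem "bcrypt-ruby", :require => "bcrypt"
 # Gems used only for assets and not required
 # in production environments by default.
 group :assets do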
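--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -29,6 +29,7 @@ GEM
 i18n (~> 0.6)
 multi_json (~> 1.0)
 arel (3.0.2)
+ bcrypt-ruby (3.0.1)
 builder (3.0.4)
 coffee-rails (3.2.2)
 coffee-script (>= 2.2.0)
@@ -103,6 +104,7 @@ PLATFORMS
 ruby
 DEPENDENCIES
+ bcrypt-ruby
 coffee-rails (~> 3.2.1)
 jquery-rails
 rails (= 3.2.8)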
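--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,3 +1,8 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
+ helper_method :current_user
+ private
+ def current_user
+ @current_user ||= User.find(session[:user_id]) if session[:user_id]
+ end
 end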
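Review bot: `current_user` calls `User.find(session[:user_id])`, which raises `ActiveRecord::RecordNotFound` when the id stored in the session no longer matches a row, for example after the account is deleted. Because the layout changed in this commit calls `current_user` on every page, a stale session would turn every request from that browser into an error until the cookie is cleared. A lookup that returns nil keeps the helper safe: `@current_user ||= User.find_by_id(session[:user_id]) if session[:user_id]`. A short comment stating that the helper returns nil for anonymous visitors would also help callers.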
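--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,20 @@
+class SessionsController < ApplicationController
+ def new
+ end
+
+ def create
+ user = User.authenticate(params[:email], params[:password])
+ if user
+ session[:user_id] = user.id
+ redirect_to root_url, :notice => "Logged in!"
+ else
+ flash.now.alert = "Invalid email or password"
+ render "new"
+ end
+ end
+
+ def destroy
+ session[:user_id] = nil
+ redirect_to root_url, :notice => "Logged out!"
+ end
+end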
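Review bot: `create` writes `session[:user_id]` into whatever session the visitor already had, so session state established before login survives the privilege change; the usual Rails countermeasure against session fixation is to call `reset_session` immediately before `session[:user_id] = user.id`. `destroy` has the mirror problem: `session[:user_id] = nil` leaves the rest of the session in place, whereas `reset_session` clears it completely. How reachable fixation is in practice depends on the session store, which this diff does not show.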
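--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,4 +1,15 @@
 class UsersController < ApplicationController
 def new
+ @user = User.new
+ end
+
+ def create
+ @user = User.new(params[:user])
+ if @user.save
+ redirect_to root_url
+ flash[:notice] => "Signed Up!"
+ else
+ render "new"
+ end
 end
 end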
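Review bot: In `create`, the line `flash[:notice] => "Signed Up!"` is not an assignment, so the notice is never stored; depending on the Ruby version it is either rejected by the parser or evaluated as something other than setting the flash. Passing the message to the redirect does both in one step: `redirect_to root_url, :notice => "Signed Up!"`. `User.new(params[:user])` relies on the model's `attr_accessible` list as the only filter on mass assignment, which is worth a one-line comment above that call.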
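--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@@ -0,0 +1,2 @@
+module SessionsHelper
+end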
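--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,3 +1,27 @@
 class User < ActiveRecord::Base
- attr_accessible :email, :password_hash, :password_salt
-end
+ attr_accessible :email, :password, :password_confirmation
+
+ attr_accessor :password
+ before_save :encrypt_password
+
+ validates_confirmation_of :password
+ validates_presence_of :password, :on => :create
+ validates_presence_of :email
+ validates_uniqueness_of :email
+
+ def self.authenticate(email, password)
+ user = find_by_email(email)
+ if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
+ user
+ else
+ nil
+ end
+ end
+
+ def encrypt_password
+ if password.present?
+ self.password_salt = BCrypt::Engine.generate_salt
+ self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
+ end
+ end
+end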
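Review bot: The only constraint on the password is `validates_presence_of :password, :on => :create`, so a one-character password is accepted, and `validates_uniqueness_of :email` compares case-sensitively by default, so addresses differing only in letter case can register as separate accounts. Suggested additions are `validates_length_of :password, :minimum => 8, :allow_blank => true` (8 is an example value; use the project's policy) and `validates_uniqueness_of :email, :case_sensitive => false`. `encrypt_password` is used only as the `before_save` callback in this hunk and could sit under `private`, with a comment noting that it regenerates the salt and hash only when a new plaintext password is present.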
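--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -19,6 +19,14 @@
 <li><%= link_to 'Shopping Cart', shoppingcart_path %></li>
 </ul>
 </nav>
+ <% if current_user %>
+ Logged in as <%= current_user.email %>
+ <%= link_to "Log out", log_out_path %>
+ <% else %>
+ <%= link_to "Sign up", sign_up_path %>
+ <%= link_to "Sign in", log_in_path %>
+ <% end %>
+
 </header>
 <section id="content">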
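--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -0,0 +1,13 @@
+<h1>Log in</h1>
+
+<%= form_tag sessions_path do %>
+ <p>
+ <%= label_tag :email %><br />
+ <%= text_field_tag :email, params[:email] %>
+ </p>
+ <p>
+ <%= label_tag :password %><br />
+ <%= password_field_tag :password %>
+ </p>
+ <p class="button"><%= submit_tag "Log in" %></p>
+<% end %>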
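--- a/app/views/users/new.html.erb
+++ b/app/views/users/new.html.erb
@@ -1,2 +1,31 @@
-<h1>Users#new</h1>
-<p>Find me in app/views/users/new.html.erb</p>
+<h1>Sign Up</h1>
+
+<%= form_for @user do |f| %>
+ <% if @user.errors.any? %>
+ <section class="error">
+ <h2>Form is invalid</h2>
+ <ul>
+ <% for message in @user.errors.full_messages %>
+ <li><%= message %></li>
+ <% end %>
+ </ul>
+ </section>
+ <% end %>
+ <section class="field">
+ <%= f.label :email %>
+ <%= f.text_field :email %>
+ </section>
+
+ <section class="field">
+ <%= f.label :password %>
+ <%= f.password_field :password %>
+ </section>
+
+ <section class="field">
+ <%= f.label :password_confirmation %>
+ <%= f.password_field :password_confirmation %>
+ </section>
+ <section class="field">
+ <%= f.submit %>
+ </section>
+<% end %>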
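--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,6 +1,9 @@
 Elmorfstore::Application.routes.draw do
- get "users/new"
-
+ get "log_out" => "sessions#destroy", :as => "log_out"
+get "log_in" => "sessions#new", :as => "log_in"
+get "sign_up" => "users#new", :as => "sign_up"
+ resources :users
+ resources :sessions
 match 'store' => 'store#index', :as => 'store', :via => :get
 match 'shoppingcart' => 'store#show_cart', :as => 'shoppingcart', :via => :get
 match 'add_to_cart/:id' => 'store#add_to_cart', :as => 'add_to_cart'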
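Review bot: `get "log_out" => "sessions#destroy"` makes logout a state-changing GET, which `protect_from_forgery` does not cover, so any third-party page can end a visitor's session by causing the browser to load that URL. Routing it as `delete "log_out" => "sessions#destroy", :as => "log_out"` and changing the layout link to `link_to "Log out", log_out_path, :method => :delete` puts it behind the CSRF token. `resources :users` and `resources :sessions` also generate routes for actions the controllers in this commit do not define; `:only => [:new, :create]` (plus `:destroy` for sessions) would narrow them to what exists.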