Merge branch 'master' of https://github.com/goggin13/curails-mg343

app/controllers/application_controller.rb

@@ -1,3 +1,4 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
+  include SessionHelper
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,21 @@
+class SessionsController < ApplicationController
+
+  def new
+  end
+
+  def create
+	user = User.authenticate(params[:session][:email], params[:session][:password])
+	if user
+	  sign_in(user)
+	  flash[:notice] = "Welcome, #{user.email}!"
+	  redirect_to user_path(user)
+	else
+	  flash[:error] = "Invalid email/password combination"
+	  redirect_to new_session_path
+	end
+  end
+
+  def destroy
+  end
+
+end

app/helpers/session_helper.rb

@@ -0,0 +1,23 @@
+module SessionHelper
+
+  def sign_in(user)
+    cookies[:current_user_id] = user.id
+    self.current_user = user
+  end
+
+  def sign_out_user
+    cookies.delete :current_user_id
+  end
+
+  def current_user=(user)
+    @current_user = user
+  end
+
+  def current_user
+    @current_user ||= User.find_by_id(cookies[:current_user_id])
+  end
+
+  def signed_in?
+    !current_user.nil?
+  end
+end

app/views/layouts/_header.html.erb

@@ -9,9 +9,13 @@
           <li><%= link_to 'Home', root_path %></li>
           <li><%= link_to 'Help', static_pages_help_path %></li>
           <li><%= link_to 'About', static_pages_about_path %></li>
-          <li><%= link_to 'My Profile', '#' %></li>
-          <li><%= link_to 'My Account', '#' %></li>
-          <li><%= link_to 'Logout', '#' %></li>
+		  <% if signed_in? %>
+            <li><%= link_to 'My Profile', user_path(current_user) %></li>
+            <li><%= link_to 'My Account', edit_user_path(current_user) %></li>
+			<li><%= link_to 'Logout', session_path(current_user), method: :delete %></li>
+		  <% else %>
+            <li><%= link_to 'Login', new_session_path %></li>
+		  <% end %>
         </ul>
 
       </div><!--/.nav-collapse -->

app/views/layouts/application.html.erb

@@ -10,7 +10,12 @@
 
   <%= render 'layouts/header' %>
 
-  <div class="container"> 
+  <div class="container">
+
+    <% flash.each do |key, value| %>
+      <div class="alert alert-<%= key %>"><%= value %></div>
+    <% end %> 
+  
     <%= yield %>
     <hr />
     <%= render 'layouts/footer' %>

app/views/sessions/new.html.erb

@@ -0,0 +1,24 @@
+<% provide(:title, 'Login') %>
+
+<div class='row'>
+  <div class='span12'>
+    <h1>Login</h1>
+
+     <%= form_for(:session, url: sessions_path) do |f| %>
+
+      <div class="field">
+        <%= f.label :email %><br />
+        <%= f.text_field :email %>
+      </div>
+      <div class="field">
+        <%= f.label :password %><br />
+        <%= f.password_field :password %>
+      </div>
+      <div class="actions">
+        <%= f.submit "Login" %>
+      </div>
+
+    <% end %>
+
+  </div>
+</div>

app/views/static_pages/home.html.erb

@@ -6,8 +6,10 @@
     sign up and share your thoughts with us in 5-140 character chunks.
   </p>
 
-  <p>
-    <%= link_to 'Sign Up', new_user_path, class: 'btn btn-primary btn-large' %>
-  </p>
+  <% unless signed_in? %>
+    <p>
+      <%= link_to 'Sign Up', new_user_path, class: 'btn btn-primary btn-large' %>
+    </p>
+  <% end %>
 
 </div>

config/routes.rb

@@ -1,7 +1,7 @@
 Info2310::Application.routes.draw do
   resources :micro_posts
 
-
+  resources :sessions, only: [:new, :create, :destroy]
   resources :users
 
 

spec/requests/session_spec.rb

@@ -0,0 +1,167 @@
+require 'spec_helper'
+
+describe "Session Requests" do
+
+  before do
+    @user = User.create! name: "Matt", email: "goggin13@gmail.com", password: "foobar"
+  end
+
+  describe "login form" do
+
+    describe "link" do
+
+      it "should be displayed in the header" do
+        visit root_path
+        page.should have_link("Login", href: new_session_path)
+      end
+    end
+
+    describe "elements" do
+
+      before do
+        visit new_session_path
+      end
+
+      it "should have a field for session[:email]" do
+        page.should have_field 'session[email]'
+      end
+
+      it "should have a field for session[:password]" do
+        page.should have_field 'session[password]'
+      end
+
+      it "should have a login button" do
+        page.should have_button "Login"
+      end
+
+      it "should post to sessions_path" do
+        page.should have_css "form[action='#{sessions_path}'][method='post']"
+      end
+    end
+  end
+
+  describe "login form submission" do
+
+    before do
+      visit new_session_path
+    end
+
+    describe "on success" do
+
+      before do
+        fill_in "Email", with: @user.email
+        fill_in "Password", with: @user.password
+        click_button "Login"
+      end
+
+      it "should redirect to the users profile page" do
+         current_path.should == user_path(@user)
+      end
+
+      it "should display a welcome message" do
+        page.should have_content "Welcome, #{@user.email}!"
+      end
+    end
+
+    describe "on failure" do
+
+      before do
+        fill_in "Email", with: @user.email
+        fill_in "Password", with: "WRONG_PASSWORD"
+        click_button "Login"
+      end
+
+      it "should display the login form again" do
+        current_path.should == new_session_path
+      end
+
+      it "should display an error message" do
+        page.should have_content "Invalid email/password combination"
+      end
+    end
+  end
+
+  describe "customized header" do
+
+    describe "authenticated" do
+
+      before do
+        visit new_session_path
+        fill_in "Email", with: @user.email
+        fill_in "Password", with: @user.password
+        click_button "Login"
+        visit root_path
+      end
+
+      it "should not display a login link" do
+        page.should_not have_link "Login"
+      end
+
+      it "should display a logout link" do
+        page.should have_link "Logout"
+      end
+
+      it "should have a link to the current user's profile" do
+        page.should have_link("My Profile", href: user_path(@user))
+      end
+
+      it "should have a link to the current user's account page" do
+        page.should have_link("My Account", href: edit_user_path(@user))
+      end
+
+      it "should not have a sign up link on the home page" do
+        page.should_not have_link "Sign Up"
+      end
+    end
+
+    describe "anonymous" do
+
+      before do
+        visit root_path
+      end
+
+      it "should display a login link" do
+        page.should have_link "Login"
+      end
+
+      it "should not display a logout link" do
+        page.should_not have_link "Logout"
+      end
+
+      it "should not have a My Profile link" do
+        page.should_not have_link("My Profile")
+      end
+
+      it "should not have a My Account link" do
+        page.should_not have_link("My Account")
+      end
+
+      it "should have a sign up link on the home page" do
+        page.should have_link("Sign Up")
+      end
+    end
+  end
+
+  describe "logging out" do
+
+    before do
+      visit new_session_path
+      fill_in "Email", with: @user.email
+      fill_in "Password", with: @user.password
+      click_button "Login"
+      click_link "Logout"
+    end
+
+    it "should redirect to the home page" do
+      current_path.should == root_path
+    end
+
+    it "should display a farewell message" do
+      page.should have_content "Logged out #{@user.email}"
+    end
+
+    it "should redisplay the login link" do
+      page.should have_link("Login", href: new_session_path)
+    end
+  end
+end