session support and logout

README.md

@@ -23,4 +23,4 @@ On other operating systems the development dependencies are left to the reader.
 
 ## Notes
 
-The model and controler for the user authentication is borrowed from the show notes/code sample of (Railscast 270)[https://github.com/railscasts/episode-270/tree/master/auth-after] for the sake of saving time. Thanks Ryan!
+The model and controllers for the user authentication are borrowed from the show notes/code samples of (Railscast 270)[https://github.com/railscasts/episode-270/tree/master/auth-after] for the sake of time savings. Thanks Ryan!

app/assets/stylesheets/application.css

@@ -20,34 +20,29 @@
   box-shadow: 0px 0px 4px #F41;
 }
 
-.messages {
+#messages div {
   color: white;
   box-shadow: inset 0px 0px 4px black;
-  padding: 10px 20px;
 }
 
-.messages ul {
-  padding: 0px;
-  margin: 8px 0;
+#messages ul {
+  padding: 15px;
+  margin: 0px;
 }
 
-.messages li {
+#messages li {
   padding: 3px 0;
   list-style: none;
 }
 
-.messages.error {
+#alert {
   background-color: #F41;
 }
 
-.messages.alert {
+#notice {
   background-color: #4B4;
 }
 
-.ui-mobile fieldset {
-  margin: 0 20px;
-}
-
 input.ui-input-text {
   background-color: white;
 }

app/controllers/application_controller.rb

@@ -1,3 +1,9 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
+  helper_method :current_user
+
+  private
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,20 @@
+class SessionsController < ApplicationController
+  def new; end
+
+  def create
+    user = User.find_by_email(params[:email])
+
+    if user && user.authenticate(params[:password])
+      session[:user_id] = user.id
+      redirect_to root_url, :notice => "Logged in"
+    else
+      flash.now.alert = "Invalid email or password"
+      render "new"
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_url, :notice => "Logged out"
+  end
+end

app/views/layouts/application.html.erb

@@ -12,11 +12,34 @@
 <body>
   <div data-role="page" data-dom-cache="true">
     <div data-role="header">
+      <% if current_user %>
+        <%= link_to "log out", session_path(current_user), :method => :delete, "data-icon" => "delete", :class => "ui-btn-right" %>
+      <% end %>
       <h1><%= yield :heading %></h1>
     </div>
 
-    <%= yield :message %>
-    <%= yield %>
+    <div id="messages">
+      <div id="alert">
+        <% if flash[:alert] %>
+          <ul>
+            <li><%= flash[:alert] %></li>
+          </ul>
+        <% else %>
+          <%= yield :error %>
+        <% end %>
+      </div>
+      <div id="notice">
+        <% if flash[:notice] %>
+          <ul>
+            <li><%= flash[:notice] %></li>
+          </ul>
+        <% end %>
+      </div>
+    </div>
+
+    <div data-role="content">
+      <%= yield %>
+    </div>
   </div>
 </body>
 </html>

app/views/sessions/new.html.erb

@@ -0,0 +1,17 @@
+<% content_for :heading do %>
+  Log in
+<% end %>
+
+<%= form_tag(sessions_path) do %>
+  <fieldset>
+    <div data-role="fieldcontain">
+      <%= label_tag :email %>
+      <%= text_field_tag :email, nil, :placeholder => "john.doe@example.com" %>
+    </div>
+    <div data-role="fieldcontain">
+      <%= label_tag :password %>
+      <%= password_field_tag :password %>
+    </div>
+    <%= submit_tag "Log in" %>
+  </fieldset>
+<% end %>

app/views/users/new.html.erb

@@ -2,15 +2,13 @@
   Create an account
 <% end %>
 
-<% content_for :message do %>
+<% content_for :error do %>
   <% if @user.errors.any? %>
-    <div class="messages error">
       <ul>
         <% for message in @user.errors.full_messages %>
           <li><%= message %></li>
         <% end %>
       </ul>
-    </div>
   <% end %>
 <% end %>
 

config/routes.rb

@@ -1,6 +1,7 @@
 RailsJqm::Application.routes.draw do
-  root :to => "users#new"
+  root :to => "sessions#new"
   resources :users
+  resources :sessions
   # The priority is based upon order of creation:
   # first created -> highest priority.