updated for a better user experience

Gemfile

@@ -11,6 +11,6 @@ gem 'rack-openid', '>=0.2.1', :require => 'rack/openid'
 gem "authlogic", :git => "git://github.com/odorcicd/authlogic.git", :branch => "rails3"
 gem "oauth"
 gem "oauth2"
-gem "authlogic-connect" # version 0.0.3.3
+gem "authlogic-connect" # version 0.0.4
 
 gem "shoulda", :git => "git://github.com/bmaddy/shoulda", :branch => "rails3"

app/controllers/user_sessions_controller.rb

@@ -15,7 +15,12 @@ def create
         flash[:notice] = "Login successful!"
         redirect_to current_user ? profile_url(current_user) : login_url
       else
-        render :action => :new
+        if @user_session.errors.on(:user)
+          # if we set error on the base object, likely it's because we didn't find a user
+          render :action => :confirm
+        else
+          render :action => :new
+        end
       end
     end
   end

app/controllers/users_controller.rb

@@ -6,7 +6,7 @@ class UsersController < ApplicationController
   def new
     @user = User.new
   end
-  
+
   def create
     @user = User.new(params[:user])
     # block! see user_sessions_controller.rb for description
@@ -15,12 +15,13 @@ def create
         flash[:notice] = "Account registered!"
         redirect_back_or_default profile_url(@user)
       else
-        render :action => :new
+        redirect_to login_url
       end
     end
   end
-  
+
   def show
+    puts "SESSION: #{session.inspect}"
     @user = @current_user
     @profile = @user.profile
   end
@@ -30,6 +31,7 @@ def edit
   end
 
   def update
+    return create unless @current_user
     @user = @current_user # makes our views "cleaner" and more consistent
     @user.update_attributes(params[:user]) do |result|
       if result
@@ -45,7 +47,6 @@ def update
   def detonate
     session.clear
     User.all.collect(&:destroy)
-    Token.all.collect(&:destroy)
-    redirect_to signup_url
+    redirect_to login_url
   end
 end

app/models/user.rb

@@ -1,5 +1,9 @@
 class User < ActiveRecord::Base
-  acts_as_authentic
+  acts_as_authentic do |config|
+    config.validate_email_field    = false
+    config.validate_login_field    = false
+    config.validate_password_field = false
+  end
 
   include ExampleProfile
-end
+end

app/views/user_sessions/confirm.html.haml

@@ -1,174 +1,14 @@
-
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-
-    <title>Confirm OpenID - Stack Overflow</title>
-    <link rel="stylesheet" href="http://sstatic.net/so/all.css?v=0554a32b907e">
-    <link rel="shortcut icon" href="http://sstatic.net/so/favicon.ico">
-    <link rel="apple-touch-icon" href="http://sstatic.net/so/apple-touch-icon.png">
-    <link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="http://sstatic.net/so/opensearch.xml">
-
-    <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
-
-    <script type="text/javascript" src="http://sstatic.net/so/js/master.js?v=1efdfca3b527"></script>
-    <script type="text/javascript">
-    var imagePath='http://sstatic.net/so/img/';
-
-    </script>
-
-
-</head>
-<body class="user-page">
-    <noscript><div id="noscript-padding"></div></noscript>
-    <div id="notify-container"></div>
-
-
-    <script type="text/javascript">
-        $(function() { notify.showFirstTime(); });
-    </script>
-
-
-    <div id="custom-header"></div>
-    <div class="container">        
-        <div id="header">
-            <div id="topbar">
-                <div id="hlinks">
-                    <span id="hlinks-user">
-
-
-                    </span>
-                    <span id="hlinks-nav">
-                    <a href="/users/login?returnurl=%2fusers%2fauthenticate%2f%26dnoa.usersuppliedidentifier%3d%2fprofiles%2flancejpollard%26openid.ns%3d%2fauth%2f2.0%26openid.mode%3did_res%26openid.op_endpoint%3dhttps%3a%2f%2fwww.google.com%2faccounts%2fo8%2fud%3fsource%3dprofiles%26openid.response_nonce%3d2010-05-24t10%3a48%3a55zx5-tosq3ptdjsa%26openid.return_to%3d%2fusers%2fauthenticate%2f%26dnoa.usersuppliedidentifier%3dhttp%25253a%25252f%25252fwww.google.com%25252fprofiles%25252flancejpollard%26openid.assoc_handle%3daoqobucg0dqpx0by92cymtrhfn0h0l3ej7bmsg-ipf4ndtwah-y-wzuu%26openid.signed%3dop_endpoint%2cclaimed_id%2cidentity%2creturn_to%2cresponse_nonce%2cassoc_handle%2cns.ext1%2cext1.mode%2cext1.type.alias4%2cext1.value.alias4%26openid.sig%3djkmixcg3h0pwpmpcvo%2blkncfhyy%3d%26openid.identity%3d%2fprofiles%2flancejpollard%26openid.claimed_id%3d%2fprofiles%2flancejpollard%26openid.ns.ext1%3d%2fsrv%2fax%2f1.0%26openid.ext1.mode%3dfetch_response%26openid.ext1.type.alias4%3d%2fcontact%2femail%26openid.ext1.value.alias4%3dlancejpollard%40gmail.com">log in</a>
-<span class="lsep">|</span>
-<a href="http://careers.stackoverflow.com/">careers</a>
-<span class="lsep">|</span>
-
-                    </span>
-                    <span id="hlinks-custom">
-                    <a href="/about">about</a> <span class="lsep">|</span> <a href="/faq">faq</a>
-                    </span>
-                </div>
-                <div id="hsearch">
-                    <form id="search" action="/search" method="get">
-                    <div>
-                        <input name="q" class="textbox" tabindex="1" onfocus="if (this.value=='search') this.value = ''" type="text" maxlength="80" size="28" value="search">
-                    </div>
-                    </form>
-                </div>
-            </div>
-            <br class="cbt">
-            <div id="hlogo">
-                <a href="/">Stack Overflow</a>
-            </div>
-            <div id="hmenus">
-                <div class="nav mainnavs">
-                    <ul>
-                        <li><a id="nav-questions" href="/questions">Questions</a></li>
-                        <li><a id="nav-tags" href="/tags">Tags</a></li>
-                        <li class="youarehere"><a id="nav-users" href="/users">Users</a></li>
-                        <li><a id="nav-badges" href="/badges">Badges</a></li>
-                        <li><a id="nav-unanswered" href="/unanswered">Unanswered</a></li>
-                    </ul>
-                </div>
-                <div class="nav askquestion">
-                    <ul>
-                        <li id="nav-askquestion" >
-                            <a href="/questions/ask">Ask Question</a>
-                        </li>
-                    </ul>
-                </div>
-            </div>
-        </div>
-
-        <div id="content">
-
-    <div class="subheader">
-        <h1>Confirm OpenID</h1>
-    </div>
-    <div class="page-description">
-        <form id="logout-user" action="/users/openidconfirm" method="post">    
-
-            <p>This OpenID does not have an account on Stack Overflow yet:</p>
-            <p class="openid-identifier" style="font-size: 150%">http://www.google.com/profiles/lancejpollard</p>
-
-            <div>
-                <input type="hidden" name="fkey" value="94e44e79fc85efa8913d7ceecb9428be">
-                <input type="hidden" name="s" value="72a20111-e749-402a-ac2c-109315bb2650">
-                <input type="submit" value="Create New Account" style="font-size: 120%">
-                <input type="button" value="Cancel" style="font-size: 120%" onclick="window.location.href = 'http://stackoverflow.com/?s=72a20111-e749-402a-ac2c-109315bb2650'">
-            </div>            
-        </form>
-
-        <br>
-        <p id="help-wrongplace">
-            <i>If you think you already have a Stack Overflow account, and you were just trying to associate a new OpenID with an existing Stack Overflow account, <a href="javascript:void(0);" onclick="$('#help-hidden').show();$('#help-wrongplace').hide();">you're in the wrong place</a>.</i>
-        </p>
-        <div id="help-hidden" class="dno">
-            <p>
-            You're not logged into Stack Overflow right now. If you have a Stack Overflow account, and you'd like to associate <i>another</i> OpenID with it, here's what to do:
-            </p>
-            <ul>
-                <li><a href="/users/login">Log in</a> in to Stack Overflow with your existing OpenID credentials</li>
-                <li>Click on your name to go to your user page</li>
-                <li>Click the <b>change OpenID</b> link on your user page</li>
-            </ul>
-        </div>
-
-    </div>
-
-        </div>
-    </div>
-    <div id="footer">
-        <div class="footerwrap">
-            <div id="footer-menu">
-                <a href="/about">about</a> |
-                <a href="/faq">faq</a> |
-                <a href="http://blog.stackoverflow.com/">blog</a> |
-                <a href="http://itc.conversationsnetwork.org/series/stackoverflow.html">podcast</a> |
-                <a href="/privacy">privacy policy</a> |
-                <a href="http://ads.stackoverflow.com/a.aspx?ZoneID=0&amp;BannerID=323&amp;AdvertiserID=5&amp;CampaignID=194&amp;Task=Click&amp;SiteID=1">advertising info</a> |
-                <b><a href="mailto:team@stackoverflow.com">contact us</a></b> |
-                <b><a href="http://meta.stackoverflow.com">feedback always welcome</a></b>
-                <div id="footer-sites">
-                    <span style="color:#FE7A15;font-size:140%">&#9632;</span>&nbsp;<a href="http://stackoverflow.com">stackoverflow.com</a>&nbsp;&nbsp;
-                    <span style="color:#FE7A15;font-size:140%">&#9632;</span>&nbsp;<a href="http://stackapps.com">api/apps</a>&nbsp;&nbsp;
-                    <span style="color:#FE7A15;font-size:140%">&#9632;</span>&nbsp;<a href="http://careers.stackoverflow.com">careers</a>&nbsp;&nbsp;                    
-                    <span style="color:#E8272C;font-size:140%">&#9632;</span>&nbsp;<a href="http://serverfault.com">serverfault.com</a>&nbsp;&nbsp;
-                    <span style="color:#00AFEF;font-size:140%">&#9632;</span>&nbsp;<a href="http://superuser.com">superuser.com</a>&nbsp;&nbsp;
-                    <span style="color:#969696;font-size:140%">&#9632;</span>&nbsp;<a href="http://meta.stackoverflow.com">meta</a>&nbsp;&nbsp;
-                    <a href="http://www.howtogeek.com">howtogeek.com</a>&nbsp;&nbsp;
-                    <a href="http://doctype.com">doctype.com</a>
-                </div>
-            </div>
-            <div id="footer-flair">
-	            <a href="http://creativecommons.org/licenses/by-sa/2.5/" class="cc-wiki-link"></a>
-	            <a href="http://www.peakinternet.com/business/hosting/colocation-dedicated#" class="peak-link"></a>
-                <div id="svnrev">revision: 2010.5.24.2</div>
-
-            </div>
-            <div id="copyright">
-                site design / logo &copy; 2010 stackoverflow.com internet services, inc; 
-                user contributions licensed under <a href="http://creativecommons.org/licenses/by-sa/2.5/" rel="license">cc-wiki</a> with <a href="http://blog.stackoverflow.com/2009/06/attribution-required/" rel="license">attribution required</a>
-            </div>
-        </div>
-    </div>
-
-    <noscript>
-        <div id="noscript-warning">Stack Overflow works best with JavaScript enabled<img src="http://pixel.quantserve.com/pixel/p-c1rF4kxgLUzNc.gif" alt="" class="dno"></div>
-    </noscript>
-
-    <script type="text/javascript">
-        document.write(unescape("%3Cscript src='http://www.google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
-    </script>
-    <script type="text/javascript">
-        var pageTracker = _gat._getTracker("UA-5620270-1");
-        pageTracker._trackPageview();
-    </script>
-    <script type="text/javascript">
-        _qoptions = { qacct : "p-c1rF4kxgLUzNc" };
-    </script>
-    <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
-
-</body>
-</html>
+%h2 Confirm
+%form.authentication_form{:action => signup_url, :method => :post}
+  %fieldset
+    / authentication_type should be "user" or "session", based on controller
+    - transfer = case session[:auth_method]
+      - when "oauth"
+        - %w(_key _token _secret auth_method oauth_provider)
+      - when "openid"
+        - %w(auth_method openid_identifier)
+    - transfer.each do |hidden|
+      %input{:type => :hidden, :name => hidden.to_sym, :value => session[hidden.to_sym]}
+    %input{:type => :hidden, :name => :authentication_type, :value => :user}
+    %input{:type => :text, :name => "user[email]"}
+  %input.submit{:name => :submit, :type => :submit, :value => "Register"}/

app/views/user_sessions/new.html.haml

@@ -1,18 +1,19 @@
 %h2 Login!
-%form#authentication_form{:action => authenticate_url, :method => :post}
+- form_for @user_session, :url => authenticate_path, :html => { :method => :post, :class => "authentication_form" } do |f|
+  = f.error_messages
+  / authentication_type should be "user" or "session", based on controller
+  = oauth_login_hidden_input
   %fieldset
-    %input{:type => :hidden, :name => :authentication_method, :value => :oauth}
-    %input{:type => :hidden, :name => :authentication_type, :value => :session}
-    %legend Click your Oauth or OpenID provider.
+    %legend Click your Oauth or OpenID provider
     .oauth_providers
       %ul
-        - %w(google facebook twitter).each do |name|
+        - %w(google facebook twitter yahoo myspace linked_in).each do |name|
           %li.oauth_provider
-            %img{:src => "/images/icons/#{name}.png"}
-            %input{:type => :radio, :id => "#{name}_oauth_provider", :name => :oauth_provider, :value => name}
+            = image_tag "/images/icons/#{name}.png"
+            = radio_button_tag :oauth_provider, name
         .clearfix
   %fieldset
     %legend Or type in your OpenID address
     .openid_address
-      %input.nice{:type => :text, :name => "openid_identifier"}
-  %input.submit{:name => :submit, :type => :submit, :value => "Register"}/
+      = text_field_tag :openid_identifier, nil, :class => :nice
+  = submit_tag "Login", :class => :submit

app/views/users/edit.html.haml

@@ -1,12 +1,11 @@
 %h2 My Account
-%form#authentication_form{:action => connect_path, :method => :post}
+%form.authentication_form{:action => connect_path, :method => :post}
   %fieldset
     %input{:type => :hidden, :name => :authentication_type, :value => :user}
-    %input{:type => :hidden, :name => :_method, :value => :put}
     %legend Add another Oauth or OpenID provider.
     .oauth_providers
       %ul
-        - %w(google facebook twitter).each do |name|
+        - %w(google facebook twitter yahoo myspace linked_in).each do |name|
           %li.oauth_provider
             %img{:src => "/images/icons/#{name}.png"}
             %input{:type => :radio, :id => "#{name}_oauth_provider", :name => :oauth_provider, :value => name}
@@ -15,4 +14,4 @@
     %legend Or type in your OpenID address
     .openid_address
       %input.nice{:type => :text, :name => "openid_identifier"}
-  %input.submit{:name => :submit, :type => :submit, :value => "Update"}/
+  %input.submit{:name => :submit, :type => :submit, :value => "Update"}/

app/views/users/new.html.haml

@@ -1,12 +1,12 @@
-%h2 Login or Register!
-%form#authentication_form{:action => register_url, :method => :post}
+%h2 Login!
+%form.authentication_form{:action => register_url, :method => :post}
   %fieldset
     / authentication_type should be "user" or "session", based on controller
     %input{:type => :hidden, :name => :authentication_type, :value => :user}
     %legend Click your Oauth or OpenID provider.
     .oauth_providers
       %ul
-        - %w(google facebook twitter).each do |name|
+        - %w(google facebook twitter yahoo myspace linked_in).each do |name|
           %li.oauth_provider
             %img{:src => "/images/icons/#{name}.png"}
             %input{:type => :radio, :id => "#{name}_oauth_provider", :name => :oauth_provider, :value => name}

config/routes.rb

@@ -1,15 +1,17 @@
 AuthlogicConnectExample::Application.routes.draw do |map|
-  match "/reset" => "users#detonate"
+
   match 'logout' => 'user_sessions#destroy', :as => :logout
   match 'login' => 'user_sessions#new', :as => :login
   match 'authenticate' => 'user_sessions#create', :as => :authenticate, :via => :post
   match 'signup' => 'users#new', :as => :signup
-  match 'register' => 'users#create', :as => :register, :via => :post
-  match 'connect' => 'users#update', :as => :connect, :via => :put
+  match 'connect' => 'users#update', :as => :connect, :via => :post
+
+  match "reset" => "users#detonate"
+
   map.resources :users
   map.resource :user_session
 
   match ':id' => 'users#show', :as => :profile
   root :to => "users#new"
 
-end
+end

db/migrate/20100506020514_create_users.rb

@@ -4,6 +4,7 @@ def self.up
       # authlogic
       t.timestamps
       t.string :login, :null => true
+      t.string :email, :null => true
       t.string :crypted_password, :null => true
       t.string :password_salt, :null => true
       t.string :persistence_token, :null => false

db/schema.rb

@@ -39,6 +39,7 @@
     t.datetime "created_at"
     t.datetime "updated_at"
     t.string   "login"
+    t.string   "email"
     t.string   "crypted_password"
     t.string   "password_salt"
     t.string   "persistence_token",                :null => false
@@ -48,7 +49,6 @@
     t.datetime "current_login_at"
     t.string   "last_login_ip"
     t.string   "current_login_ip"
-    t.string   "openid_identifier"
     t.integer  "active_token_id"
   end
 

public/javascripts/application.js

@@ -2,7 +2,7 @@ $ = jQuery.noConflict();
 Cufon.replace('h2, p, legend');
 
 $(document).ready(function() {
-  $form = $("#authentication_form");
+  $form = $(".authentication_form");
 
   // progressively enhance buttons
   $("li.oauth_provider").each(function(index, element) {