From 269f648d21d72a0e3ba41b935631a29066203dbe Mon Sep 17 00:00:00 2001 From: Rebecca Date: Fri, 16 Jul 2010 19:00:27 -0700 Subject: [PATCH 1/4] add validation of email address (hard coded list for now) --- app/models/user.rb | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/models/user.rb b/app/models/user.rb index 4bd0a7b..49efece 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -8,4 +8,12 @@ class User < ActiveRecord::Base attr_accessible :email, :password, :password_confirmation has_many :tasks + def validate + valid_addresses = [ "somerset@gmail.com", "rebecca.gutterman@gmail.com", "mrnicksgirl@gmail.com", "beverly@beverlynelson.net"] + if valid_addresses.include? email + else + message = email+" not in whitelist, application is restricted to approved users during beta." + errors.add("email ",message) + end + end end From 4ddf3e435b36ebd5b60288efbea806d9927344d9 Mon Sep 17 00:00:00 2001 From: Rebecca Date: Sat, 17 Jul 2010 10:56:54 -0700 Subject: [PATCH 2/4] devise email confirmation --- app/models/user.rb | 2 +- config/initializers/devise.rb | 24 +++++++++++++------ .../20100708012534_devise_create_users.rb | 6 +++-- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 49efece..079b7ab 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -2,7 +2,7 @@ class User < ActiveRecord::Base # Include default devise modules. Others available are: # :http_authenticatable, :token_authenticatable, :confirmable, :lockable, :timeoutable and :activatable devise :registerable, :authenticatable, :recoverable, - :rememberable, :trackable, :validatable + :rememberable, :trackable, :validatable, :confirmable, :lockable, :timeoutable, :activatable # Setup accessible (or protected) attributes for your model attr_accessible :email, :password, :password_confirmation diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index a7c5f00..91107ef 100644 
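Review bot: The allow-list check added in `validate` fails on a missing address and matches only exact spelling: `email+" not in whitelist, ..."` raises NoMethodError when `email` is nil, and `valid_addresses.include? email` rejects an approved address typed with different case or stray whitespace. Normalising before the test, e.g. `unless valid_addresses.include?(email.to_s.strip.downcase)`, and building the message with interpolation fixes both and removes the empty `if` branch. `errors.add("email ",message)` uses a key with a trailing space, so the error is probably not attached to the `email` attribute; `errors.add(:email, message)` looks like what was intended. The same body is carried unchanged into `validate_on_create` in patch 3/4. A comment above the list such as `# Beta gate: only these addresses may register` would record the intent.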
--- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -2,7 +2,7 @@ # four configuration values can also be set straight in your models. Devise.setup do |config| # Configure the e-mail address which will be shown in DeviseMailer. - config.mailer_sender = "please-change-me@config-initializers-devise.com" + config.mailer_sender = "dailytasksapp@gmail.com" # Configure the content type of DeviseMailer mails (defaults to text/html") # config.mailer_content_type = "text/plain" @@ -35,29 +35,29 @@ # ==> Configuration for :confirmable # The time you want give to your user to confirm his account. During this time # he will be able to access your application without confirming. Default is nil. - # config.confirm_within = 2.days + config.confirm_within = 2.hours # ==> Configuration for :rememberable # The time the user will be remembered without asking for credentials again. - # config.remember_for = 2.weeks + config.remember_for = 2.weeks # ==> Configuration for :timeoutable # The time you want to timeout the user session without activity. After this # time the user will be asked for credentials again. - # config.timeout_in = 10.minutes + config.timeout_in = 10.minutes # ==> Configuration for :lockable # Number of authentication tries before locking an account. - # config.maximum_attempts = 20 + config.maximum_attempts = 20 # Defines which strategy will be used to unlock an account. # :email = Sends an unlock link to the user email # :time = Reanables login after a certain ammount of time (see :unlock_in below) # :both = enables both strategies - # config.unlock_strategy = :both + config.unlock_strategy = :both # Time interval to unlock the account if :time is enabled as unlock_strategy. - # config.unlock_in = 1.hour + config.unlock_in = 1.hour # ==> Configuration for :token_authenticatable # Defines name of the authentication token params key 
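Review bot: In the `:lockable` settings, `config.maximum_attempts = 20` simply uncomments the generator's sample value, which allows twenty password guesses before an account locks. With `config.unlock_strategy = :both` and `config.unlock_in = 1.hour` the lock also clears by itself after an hour, so the effective limit is twenty guesses per hour per account. A lower threshold such as `config.maximum_attempts = 5` would be more in keeping with an application restricted to a handful of approved users. `config.confirm_within = 2.hours` lets a new account be used for two hours before its address is confirmed; a short comment saying that this is intended would help.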
@@ -102,4 +102,14 @@ # config.default_url_options do # { :locale => I18n.locale } # end + + ActionMailer::Base.smtp_settings = { + :address => "smtp.gmail.com", + :port => 587, + :domain => 'domain.com', + :user_name => 'dailytasksapp@gmail.com', + :password => 'devchix!', + :authentication => 'plain', + :enable_starttls_auto => true + } end diff --git a/db/migrate/20100708012534_devise_create_users.rb b/db/migrate/20100708012534_devise_create_users.rb index 5dad14a..c40451c 100644 --- a/db/migrate/20100708012534_devise_create_users.rb +++ b/db/migrate/20100708012534_devise_create_users.rb @@ -6,8 +6,10 @@ def self.up t.recoverable t.rememberable t.trackable - # t.lockable - + t.lockable + t.timeoutable + t.activatable + t.timestamps end From e3faf6d456d57f38214eaf7d581ffb5bdbb52258 Mon Sep 17 00:00:00 2001 From: Rebecca Date: Sun, 18 Jul 2010 09:19:34 -0700 Subject: [PATCH 3/4] only do the whitelist validation on create --- app/models/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/user.rb b/app/models/user.rb index 079b7ab..c1d51eb 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -8,7 +8,7 @@ class User < ActiveRecord::Base attr_accessible :email, :password, :password_confirmation has_many :tasks - def validate + def validate_on_create valid_addresses = [ "somerset@gmail.com", "rebecca.gutterman@gmail.com", "mrnicksgirl@gmail.com", "beverly@beverlynelson.net"] if valid_addresses.include? email else From b50190f9a70147390736a1273c8d8df271233fc3 Mon Sep 17 00:00:00 2001 From: Rebecca Date: Sun, 18 Jul 2010 09:25:48 -0700 Subject: [PATCH 4/4] display the alert (used for devise login errors) --- app/views/layouts/application.html.haml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index 7a2577b..01ce2e3 100644 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml 
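Review bot: The mailbox password is committed in plain text in the new `ActionMailer::Base.smtp_settings` hash (`:password => 'devchix!'`), so anyone who can read the repository or its history can authenticate as the account that sends this application's confirmation and unlock mail. Take the credentials from the environment instead, e.g. `:user_name => ENV['SMTP_USER_NAME'], :password => ENV['SMTP_PASSWORD']` (variable names are only a suggestion), and change the account password, because deleting the literal in a later commit does not remove it from history. `:domain => 'domain.com'` looks like a leftover placeholder. The hash is assigned inside the `Devise.setup` block although it configures all of ActionMailer; a separate mail initializer would be easier to find.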
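Review bot: Adding `t.lockable`, `t.timeoutable` and `t.activatable` to the existing `20100708012534_devise_create_users` migration has no effect on a database where that version has already run, so the modules enabled in `User` would find no columns there. A new migration that adds the columns is the safer route. It is also worth confirming that the installed Devise defines `timeoutable` and `activatable` schema helpers at all, since those modules may not need columns. The model now enables `:confirmable` too, and no `t.confirmable` appears in the lines shown; `self.up` begins above the hunk, so it may already be present.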
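Review bot: With the check moved to `validate_on_create`, the allow-list is enforced only when the row is first inserted. `:email` is listed in `attr_accessible`, so a later update can set an address that is not on the list and still pass validation. If the beta gate is meant to hold for the life of the account, keep the method as `validate` and start it with `return unless new_record? || email_changed?`. If create-only is intended, a comment giving the reason (for example, saves made during sign-in should not re-run the check) would help. The method body continues past the end of the hunk.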
@@ -38,5 +38,7 @@ .flash %p{:style => "color: green"} =flash[:notice] + %p{:style => "color: red"} + = flash[:alert] .container =yield
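Review bot: The added `= flash[:alert]` is written without an explicit escape, like the existing `=flash[:notice]` above it. If this layout runs without default HTML escaping (Haml's `:escape_html` option, or a Rails version that escapes output by default), any flash text that includes user-supplied input, such as the e-mail address echoed in the allow-list message, would be rendered as markup. Writing `= h flash[:alert]` makes the escaping explicit. The red `%p` is also emitted when there is no alert; `- if flash[:alert]` around it would avoid an empty paragraph.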