Showing
149 changed files
with
11,887 additions
and
187 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
public/.DS_Store | ||
log/* | ||
tmp/* | ||
db/*sqlite3 | ||
db/development.sqlite3 | ||
.DS_Store |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# This controller handles the login/logout function of the site. | ||
class SessionsController < ApplicationController | ||
# render new.rhtml | ||
def new | ||
end | ||
|
||
def create | ||
logout_keeping_session! | ||
user = User.authenticate(params[:login], params[:password]) | ||
if user | ||
# Protects against session fixation attacks, causes request forgery | ||
# protection if user resubmits an earlier form using back | ||
# button. Uncomment if you understand the tradeoffs. | ||
# reset_session | ||
self.current_user = user | ||
new_cookie_flag = (params[:remember_me] == "1") | ||
handle_remember_cookie! new_cookie_flag | ||
redirect_back_or_default('/home') | ||
flash[:notice] = "Logged in successfully" | ||
else | ||
note_failed_signin | ||
@login = params[:login] | ||
@remember_me = params[:remember_me] | ||
render :action => 'new' | ||
end | ||
end | ||
|
||
def destroy | ||
logout_killing_session! | ||
flash[:notice] = "You have been logged out." | ||
redirect_back_or_default('/') | ||
end | ||
|
||
protected | ||
# Track failed login attempts | ||
def note_failed_signin | ||
flash[:error] = "Couldn't log you in as '#{params[:login]}'" | ||
logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}" | ||
end | ||
end |
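Review bot: `create` signs the user in without rotating the session id, because `reset_session` is left commented out just before `self.current_user = user`; a session id planted in the browser before login stays valid afterwards, and the same applies to the commented `# reset session` in UsersController#create later in this commit. I would enable the reset and carry over only what is needed, e.g. `return_to = session[:return_to]; reset_session; session[:return_to] = return_to`, assuming `redirect_back_or_default` reads `session[:return_to]` (AuthenticatedSystem is not shown on this page). Separately, `note_failed_signin` interpolates `params[:login]` into `flash[:error]` and into the log line, so the view has to print the flash through `h()`, and the logged value is better written as `params[:login].inspect` to keep line breaks out of the log.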
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,7 @@ | ||
class UserController < ApplicationController | ||
|
||
def index | ||
@duser = User.find_or_create_by_username(params[:username]) | ||
if (@duser == @user) | ||
redirect_to :controller=>'account' | ||
else | ||
@tweets = @duser.public_tweets.find(:all,:include => :user,:limit => 20 ) | ||
end | ||
@tweets = @duser.public_tweets.find(:all,:include => :user,:limit => 20 ) | ||
end | ||
end |
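Review bot: `index` calls `User.find_or_create_by_username(params[:username])`, so any GET for an arbitrary name writes a new user row, with no authentication or validation visible in this action; now that the commit gives users logins and passwords, such rows would presumably exist without credentials. A read-only lookup fits a profile page better: `@duser = User.find_by_username(params[:username])`, followed by a 404 response when it returns nil. The rendered page does not show whether that line is new or unchanged context, so take this as a comment on the resulting code.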
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
class UsersController < ApplicationController | ||
# Be sure to include AuthenticationSystem in Application Controller instead | ||
include AuthenticatedSystem | ||
|
||
|
||
# render new.rhtml | ||
def new | ||
@user = User.new | ||
end | ||
|
||
def create | ||
logout_keeping_session! | ||
@user = User.new(params[:user]) | ||
success = @user && @user.save | ||
if success && @user.errors.empty? | ||
# Protects against session fixation attacks, causes request forgery | ||
# protection if visitor resubmits an earlier form using back | ||
# button. Uncomment if you understand the tradeoffs. | ||
# reset session | ||
self.current_user = @user # !! now logged in | ||
redirect_back_or_default('/') | ||
flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code." | ||
else | ||
flash[:error] = "We couldn't set up that account, sorry. Please try again, or contact an admin (link is above)." | ||
render :action => 'new' | ||
end | ||
end | ||
end |
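Review bot: `User.new(params[:user])` in `create` hands the whole request hash to the model, so any column the sign-up form does not show (a role or activation column, if the table has one) can be set by the client unless the User model restricts mass assignment; the model is not part of this view. Please confirm it declares `attr_accessible` for the sign-up fields only, or build the record from named keys here. The class also includes `AuthenticatedSystem` directly although its own comment says to include it in ApplicationController; SessionsController in this commit calls `logout_keeping_session!` with no include of its own, so it presumably relies on ApplicationController having it.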
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,13 @@ | ||
module AccountHelper | ||
def settings_list_entry(page) | ||
"<li id=\"tab_#{page}\">#{settings_link(page)}</li>" | ||
end | ||
|
||
def settings_link(page) | ||
if (params[:action]==page) | ||
page.capitalize | ||
else | ||
"<a href=\"#{page}\" id=\"#{page}_tab\">#{page.capitalize}</a>" | ||
end | ||
end | ||
end |
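Review bot: `settings_list_entry` and `settings_link` build markup by interpolating `page` straight into `id` and `href` attributes, which is only safe while every caller passes a fixed literal; nothing in the helper enforces that. The tag helpers keep the value attribute-escaped: `link_to(page.capitalize, page, :id => "#{page}_tab")` and `content_tag(:li, settings_link(page), :id => "tab_#{page}")`. In the non-link branch `page.capitalize` is returned raw, so wrap it in `h()` as well. A one-line comment stating that `page` must be an action name chosen by the application, never request data, would document the assumption.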
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,9 @@ | ||
# Methods added to this helper will be available to all templates in the application. | ||
module ApplicationHelper | ||
def setup(options) | ||
@title = "Twetter / #{options[:title]}" || "Twetter" | ||
@body_id = options[:body_id] || "body" | ||
@body_classes = options[:body_classes] || "account" | ||
@css = options[:css] || [] | ||
end | ||
end |
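Review bot: The fallback in `@title = "Twetter / #{options[:title]}" || "Twetter"` can never fire, because the interpolated string is always truthy; a call without `:title` yields `"Twetter / "`. `@title = options[:title] ? "Twetter / #{options[:title]}" : "Twetter"` gives the intended default. Since `setup` copies caller-supplied values into instance variables that templates will print, the layout should output `@title`, `@body_id` and `@body_classes` through `h()`; the templates are not visible on this page.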
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
module SessionsHelper | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,5 @@ | ||
module StatusesHelper | ||
def link_users(tweet) | ||
html_escape(tweet).gsub(/@(\S+)/, '@<a href="/\1"/>\1</a>') | ||
end | ||
end |
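Review bot: The mention pattern `/@(\S+)/` in `link_users` accepts any run of non-space characters, including `/`, `.`, `:` and trailing punctuation, so the generated `href="/\1"` is not confined to a username path and can resolve outside the site's user pages. Escaping first with `html_escape` does keep quotes and angle brackets out of the attribute, which is the right order of operations. I would narrow the capture to the characters a login may contain, e.g. `/@(\w+)/` if that matches the User model's login rule, and fix the stray slash in the replacement: `'@<a href="/\1">\1</a>'`.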
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
module UsersHelper | ||
|
||
# | ||
# Use this to wrap view elements that the user can't access. | ||
# !! Note: this is an *interface*, not *security* feature !! | ||
# You need to do all access control at the controller level. | ||
# | ||
# Example: | ||
# <%= if_authorized?(:index, User) do link_to('List all users', users_path) end %> | | ||
# <%= if_authorized?(:edit, @user) do link_to('Edit this user', edit_user_path) end %> | | ||
# <%= if_authorized?(:destroy, @user) do link_to 'Destroy', @user, :confirm => 'Are you sure?', :method => :delete end %> | ||
# | ||
# | ||
def if_authorized?(action, resource, &block) | ||
if authorized?(action, resource) | ||
yield action, resource | ||
end | ||
end | ||
|
||
# | ||
# Link to user's page ('users/1') | ||
# | ||
# By default, their login is used as link text and link title (tooltip) | ||
# | ||
# Takes options | ||
# * :content_text => 'Content text in place of user.login', escaped with | ||
# the standard h() function. | ||
# * :content_method => :user_instance_method_to_call_for_content_text | ||
# * :title_method => :user_instance_method_to_call_for_title_attribute | ||
# * as well as link_to()'s standard options | ||
# | ||
# Examples: | ||
# link_to_user @user | ||
# # => <a href="/users/3" title="barmy">barmy</a> | ||
# | ||
# # if you've added a .name attribute: | ||
# content_tag :span, :class => :vcard do | ||
# (link_to_user user, :class => 'fn n', :title_method => :login, :content_method => :name) + | ||
# ': ' + (content_tag :span, user.email, :class => 'email') | ||
# end | ||
# # => <span class="vcard"><a href="/users/3" title="barmy" class="fn n">Cyril Fotheringay-Phipps</a>: <span class="email">barmy@blandings.com</span></span> | ||
# | ||
# link_to_user @user, :content_text => 'Your user page' | ||
# # => <a href="/users/3" title="barmy" class="nickname">Your user page</a> | ||
# | ||
def link_to_user(user, options={}) | ||
raise "Invalid user" unless user | ||
options.reverse_merge! :content_method => :login, :title_method => :login, :class => :nickname | ||
content_text = options.delete(:content_text) | ||
content_text ||= user.send(options.delete(:content_method)) | ||
options[:title] ||= user.send(options.delete(:title_method)) | ||
link_to h(content_text), user_path(user), options | ||
end | ||
|
||
# | ||
# Link to login page using remote ip address as link content | ||
# | ||
# The :title (and thus, tooltip) is set to the IP address | ||
# | ||
# Examples: | ||
# link_to_login_with_IP | ||
# # => <a href="/login" title="169.69.69.69">169.69.69.69</a> | ||
# | ||
# link_to_login_with_IP :content_text => 'not signed in' | ||
# # => <a href="/login" title="169.69.69.69">not signed in</a> | ||
# | ||
def link_to_login_with_IP content_text=nil, options={} | ||
ip_addr = request.remote_ip | ||
content_text ||= ip_addr | ||
options.reverse_merge! :title => ip_addr | ||
if tag = options.delete(:tag) | ||
content_tag tag, h(content_text), options | ||
else | ||
link_to h(content_text), login_path, options | ||
end | ||
end | ||
|
||
# | ||
# Link to the current user's page (using link_to_user) or to the login page | ||
# (using link_to_login_with_IP). | ||
# | ||
def link_to_current_user(options={}) | ||
if current_user | ||
link_to_user current_user, options | ||
else | ||
content_text = options.delete(:content_text) || 'not signed in' | ||
# kill ignored options from link_to_user | ||
[:content_method, :title_method].each{|opt| options.delete(opt)} | ||
link_to_login_with_IP content_text, options | ||
end | ||
end | ||
|
||
end |
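Review bot: `link_to_user` dispatches with `user.send(options.delete(:content_method))` and `user.send(options.delete(:title_method))`, and `send` reaches private methods too, so the helper is only safe while those two options are literals in view code and never derived from `params`. I would document that next to the option list, e.g. `# :content_method / :title_method must be trusted symbols; never pass request data`, and consider checking them against a short allow-list before the call. Note also that `options.reverse_merge!` and `options.delete`, here and in `link_to_login_with_IP`, modify the caller's hash, which surprises a view that reuses one options hash for several links; `options = options.dup` at the top of each helper avoids that.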