Admin Authentication Refactor #5

Merged: 16 commits, Jan 11, 2018

@Reltre Reltre commented Dec 4, 2017

This PR adds the following:

  1. Authentication logic for admins
  2. Views related to log in for admins
  3. Database schema for users, with required attributes, including admin role.
  4. Testing for related models and controllers, as well as a spec for the log in feature.
  5. A small amount of jQuery has been added to enable error messaging.

This PR so far only covers authentication of existing users. To run a sanity test on this, be sure to have an existing user, preferably one with admin role, in the database.

Some filters should probably be added in the future to enforce the presence of a logged in user when accessing different parts of the site. This was left out to avoid potential merge conflicts with other branches.

@Reltre Reltre requested a review from seport December 4, 2017 02:33

Owner

@seport seport left a comment

Generally looking awesome! A few requests:

  1. Can you add an admin user with username admin and password password to the setup script for testing purposes?
  2. It would also be nice if you could rebase onto the rails branch and remove unnecessary files like some of the helpers and email things and other random things that don't really contribute to the ticket. (Just to really cross our t's and dot our i's)

Thanks so much! Other than these small changes it looks really good to me so far. :)

@@ -0,0 +1,4 @@
module ApplicationCable

Owner

Can you please explain channels and application cables?

Owner

Or remove this if it was just something rails generated at some point.

Author

I looked into this. ApplicationCable seems good for implementing features for currently logged users, in particular, for tracking things in real time. Not sure this is something we need at the moment. Might be a nice to have for later on though.

Author

Then again, YAGNI; I'll remove it for the time being.

@@ -0,0 +1,2 @@
module ApplicationHelper

Owner

Are these helpers helping anything? Will they in the future, or should we delete these?

@@ -0,0 +1,2 @@
class ApplicationJob < ActiveJob::Base

Owner

Is this job doing anything?

@@ -0,0 +1,4 @@
class ApplicationMailer < ActionMailer::Base
default from: 'from@example.com'
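
Review bot: `default from: 'from@example.com'` in `ApplicationMailer` is the placeholder sender address from the Rails generator. If the mailer is kept, take the sender from configuration instead of a literal; if nothing in this PR sends mail, remove the file.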

Owner

What do we need the mailer for?

@@ -0,0 +1,7 @@
class User < ApplicationRecord
validates :email, presence: true
validates :password, presence: true
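
Review bot: `validates :password, presence: true` in `User` only rejects a blank password; the visible lines set no minimum length, and the `:email` validation likewise checks presence only, with no uniqueness or format constraint. Suggest adding a length rule such as `validates :password, length: { minimum: 12 }` and `validates :email, uniqueness: true` backed by a unique database index, so that an email identifies at most one account. Only three of the hunk's seven lines are visible here, so the password hashing declaration should be confirmed in the remaining lines.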

Owner

Where are we encrypting the password?

Author

Once has_secure_password was added below, passwords are encrypted with the bcrypt gem when a User model is saved.

bin/setup Outdated
@@ -0,0 +1,38 @@
#!/usr/bin/env ruby

Owner

Could we add a setup step that creates an admin user? This can also be a separate ticket though.

config/cable.yml Outdated
@@ -0,0 +1,10 @@
development:

Owner

Is this a websockets thing? We might not need Cable either.

@@ -0,0 +1,33 @@
# Files in the config/locales directory are used for internationalization

Owner

Eventually we should do something like this, but I don't think we need it in this iteration of the app, and there are a couple of new ways I've been learning about doing this other than a yml file which seem pretty interesting.... we can put it in the icebox and discuss it later.

config/routes.rb Outdated
Rails.application.routes.draw do
root 'welcome#index'

namespace :admin do

Owner

Can we also add a route for /admin which is either the admin index (can just be a hello world page for now) if there is an admin session logged in, or redirects to admin/login otherwise?

Author

@Reltre Reltre Jan 2, 2018

I've added in a before filter for this and an index action for an admin session, well the index page works as a placeholder I guess? I think until we have a dedicated admin view, that we should just have admins navigate to the welcome page on log in.

@@ -0,0 +1,19 @@
require "rails_helper"

Owner

yay testing!!

Author

yayy!

Owner

seport commented Dec 21, 2017

I have a few more comments actually,

  1. Please set the password field in the view to be a password field rather than a text field
  2. After login the admin should be redirected to an admin dashboard at /admin. For now it can just be a simple hello world page for proof of concept.
  3. I'm not totally sure the session stuff is working. When I go back to /admin/login after logging in (and being redirected to the homepage) I should be redirected immediately, because I am already logged in.

@Reltre Reltre changed the base branch from master to rails January 2, 2018 20:01
Author

Reltre commented Jan 2, 2018

@seport I've made the changes you've requested above. One thing we'll need eventually is a way to log out. At the moment, we have to hop into the inspector and delete the session cookie directly to log out.

There's an admin user set up in our seeds file now. I've also added some filters related to login. Also, I realized that this branch was set to merge into master. Once I set it to merge into the "rails" branch, most of those unrelated files went away 😃
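
The session behaviour discussed in this thread (redirect to the login page when no admin is logged in, skip the login page when one is, and a logout that does more than delete the cookie in the inspector), modelled in plain Ruby as an added example; it is not code from this PR. `AdminSessions`, `digest`, the sample accounts and the server-side session table are assumptions, and PBKDF2 from the standard library stands in for bcrypt.

```ruby
require "openssl"
require "securerandom"

# Stdlib stand-in for the bcrypt digest that has_secure_password stores.
def digest(password, salt)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: 100_000, length: 32, hash: "sha256")
end

# Hypothetical class: server-side session table plus the redirect rules.
class AdminSessions
  def initialize(users)
    @users = users    # email => { salt:, digest:, admin: }
    @sessions = {}    # session id => email, held on the server
  end

  # Returns a fresh random session id for a valid admin login, else nil.
  def log_in(email, password)
    user = @users[email]
    return nil unless user && user[:admin]
    candidate = digest(password, user[:salt])
    return nil unless OpenSSL.fixed_length_secure_compare(candidate, user[:digest])
    sid = SecureRandom.hex(32)
    @sessions[sid] = email
    sid
  end

  # Drops the server-side record, so a copied cookie value stops working.
  def log_out(sid)
    !@sessions.delete(sid).nil?
  end

  # The decision a before filter makes: [status, page or redirect target].
  def route(path, sid)
    logged_in = @sessions.key?(sid)
    case path
    when "/admin/login" then logged_in ? [302, "/admin"] : [200, "login form"]
    when %r{\A/admin(/|\z)} then logged_in ? [200, "admin page"] : [302, "/admin/login"]
    else [200, "public page"]
    end
  end
end

# Constructed sample accounts; addresses and passwords are made up.
SALT = SecureRandom.bytes(16)
USERS = {
  "admin@example.com" => { salt: SALT, digest: digest("correct horse battery", SALT), admin: true },
  "user@example.com" => { salt: SALT, digest: digest("not an admin pw", SALT), admin: false }
}.freeze
APP = AdminSessions.new(USERS)
```

In a Rails controller the same decisions would sit in before filters, with `reset_session` called on login and logout.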

Owner

@seport seport left a comment

LGTM!

@seport seport merged commit aacf0a7 into rails Jan 11, 2018
@seport seport deleted the chores/admin-authentication-refactor branch January 18, 2018 03:54
@seport seport added this to the v1.0.0 milestone Mar 20, 2018
@seport seport added the v1.0.0 label Mar 20, 2018