-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Admin Authentication Refactor #5
Conversation
…ion of user login feature test.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally looking awesome! A few requests:
- Can you add an admin user with username
admin
and passwordpassword
to the setup script for testing purposes? - It would also be nice if you could rebase onto the
rails
branch and remove unnecessary files like some of the helpers and email things and other random things that don't really contribute to the ticket. (Just to really cross our t's and dot our i's)
Thanks so much! Other than these small changes it looks really good to me so far. :)
@@ -0,0 +1,4 @@ | |||
module ApplicationCable |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please explain channels and application cables?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or remove this if it was just something rails generated at some point.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I looked into this. ApplicationCable seems good for implementing features for currently logged users, in particular, for tracking things in real time. Not sure this is something we need at the moment. Might be a nice to have for later on though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
then again, YAGNI; I'll remove it for the time being.
app/helpers/application_helper.rb
Outdated
@@ -0,0 +1,2 @@ | |||
module ApplicationHelper |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these helpers helping anything? Will they in the future, or should we delete these?
app/jobs/application_job.rb
Outdated
@@ -0,0 +1,2 @@ | |||
class ApplicationJob < ActiveJob::Base |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this job doing anything?
app/mailers/application_mailer.rb
Outdated
@@ -0,0 +1,4 @@ | |||
class ApplicationMailer < ActionMailer::Base | |||
default from: 'from@example.com' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do we need the mailer for?
@@ -0,0 +1,7 @@ | |||
class User < ApplicationRecord | |||
validates :email, presence: true | |||
validates :password, presence: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where are we encrypting the password?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Once has_secure_password
was added below, passwords are encrypted with the bcrypt
gem when a User
model is saved.
bin/setup
Outdated
@@ -0,0 +1,38 @@ | |||
#!/usr/bin/env ruby |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we add a setup step that creates an admin user? This can also be a separate ticket though.
config/cable.yml
Outdated
@@ -0,0 +1,10 @@ | |||
development: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this a websockets thing? We might not need Cable either.
config/locales/en.yml
Outdated
@@ -0,0 +1,33 @@ | |||
# Files in the config/locales directory are used for internationalization |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Eventually we should do something like this, but I don't think we need it in this iteration of the app, and there are a couple of new ways I've been learning about doing this other than a yml file which seem pretty interesting.... we can put it in the icebox and discuss it later.
config/routes.rb
Outdated
Rails.application.routes.draw do | ||
root 'welcome#index' | ||
|
||
namespace :admin do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we also add a route for /admin which is either the admin index (can just be a hello world page for now) if there is an admin session logged in, or redirects to admin/login otherwise?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've added in a before filter for this and an index action for an admin session, well the index page works as a placeholder I guess? I think until we have a dedicated admin view, that we should just have admins navigate to the welcome page on log in.
@@ -0,0 +1,19 @@ | |||
require "rails_helper" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yayy!
I have a few more comments actually,
|
@seport I've made the changes you've request above. One thing we'll need eventually is a way to log out. At the moment, we have to hop into the inspector and delete the session cookie directly to log out. There's an admin user setup in our seeds file now. I've also added some filters related to login. Also, I realized that this branch was set to merge into master. Once I set it to merge into the "rails" branch, most of those unrelated files went away 😃 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
This PR adds the following:
This PR so far only cover authentication of existing users. To run a sanity test on this, be sure to have an existing user, preferably one with admin role, in the database.
Some filters should probably be added in the future to enforce the presence of a logged in user when accessing different parts of the site. This was left out to avoid potential merge conflicts with other branches.