
Merge pull request #46 from victorykit/devise

Devise for VictoryKit
bguthrie committed Aug 29, 2013
2 parents 29d5258 + a288392 commit e7ef0caef6a7b71ccc1f2a6dedc69edbc6e3f014
Showing with 681 additions and 208 deletions.
  1. +1 −0 Gemfile
  2. +9 −0 Gemfile.lock
  3. +1 −1 app/assets/stylesheets/login_signup.css.scss
  4. +0 −1 app/controllers/admin/users_controller.rb
  5. +10 −5 app/controllers/application_controller.rb
  6. +0 −17 app/controllers/sessions_controller.rb
  7. +3 −2 app/controllers/users_controller.rb
  8. +14 −16 app/models/user.rb
  9. +0 −8 app/validators/old_password_validator.rb
  10. +9 −0 app/views/devise/confirmations/new.html.haml
  11. +4 −0 app/views/devise/mailer/confirmation_instructions.html.haml
  12. +6 −0 app/views/devise/mailer/reset_password_instructions.html.haml
  13. +5 −0 app/views/devise/mailer/unlock_instructions.html.haml
  14. +12 −0 app/views/devise/passwords/edit.html.haml
  15. +8 −0 app/views/devise/passwords/new.html.haml
  16. +18 −0 app/views/devise/registrations/edit.html.haml
  17. +10 −0 app/views/devise/registrations/new.html.haml
  18. +24 −0 app/views/devise/sessions/new.html.haml
  19. +19 −0 app/views/devise/shared/_links.haml
  20. +9 −0 app/views/devise/unlocks/new.html.haml
  21. +1 −1 app/views/shared/_navigation.html.haml
  22. +1 −1 app/views/users/edit.html.haml
  23. +252 −0 config/initializers/devise.rb
  24. +59 −0 config/locales/devise.en.yml
  25. +10 −8 config/routes.rb
  26. +98 −0 db/migrate/20130821005215_add_devise_to_users.rb
  27. +38 −11 db/structure.sql
  28. +0 −7 lib/admin_constraint.rb
  29. +2 −2 spec/controllers/application_controller_spec.rb
  30. +11 −5 spec/controllers/petitions_controller_spec.rb
  31. +0 −62 spec/controllers/sessions_controller_spec.rb
  32. +5 −5 spec/controllers/users_controller_spec.rb
  33. +1 −1 spec/factories/users.rb
  34. +3 −35 spec/models/user_spec.rb
  35. +18 −10 spec/spec_helper.rb
  36. +3 −0 spec/support/devise.rb
  37. +1 −1 spec/support/request_flows.rb
  38. +16 −9 spec/support/shared_examples.rb
@@ -61,6 +61,7 @@ gem 'activerecord-postgres-hstore'
# To use ActiveModel has_secure_password
gem 'bcrypt-ruby', '~> 3.0.0'
+gem 'devise'
# for whiplash
gem 'redis'
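Review bot: `gem 'devise'` is added without a version constraint, so only Gemfile.lock (devise 3.0.3) keeps the authentication library at the version this change was tested against. The mailer templates copied in this commit read `@resource.reset_password_token` and `@resource.unlock_token` directly, which depends on how the 3.0 series stores those tokens; a later `bundle update` to a release that handles tokens differently could break reset and unlock mail without any Gemfile edit. I would write `gem 'devise', '~> 3.0.3'`. The comment above `bcrypt-ruby` also needs updating, since `has_secure_password` is removed from `User` in this commit and the gem now serves as a Devise dependency.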
@@ -123,6 +123,11 @@ GEM
debugger-ruby_core_source (~> 1.2.3)
debugger-linecache (1.2.0)
debugger-ruby_core_source (1.2.3)
+ devise (3.0.3)
+ bcrypt-ruby (~> 3.0)
+ orm_adapter (~> 0.1)
+ railties (>= 3.2.6, < 5)
+ warden (~> 1.2.3)
diff-lcs (1.1.3)
dkim (1.0.0)
dotenv (0.8.0)
@@ -199,6 +204,7 @@ GEM
newrelic_rpm (3.6.6.147)
nokogiri (1.5.6)
oauth (0.4.7)
+ orm_adapter (0.4.0)
pg (0.14.1)
pg-hstore (1.2.0)
polyglot (0.3.3)
@@ -349,6 +355,8 @@ GEM
rack
raindrops (~> 0.7)
uuidtools (2.1.3)
+ warden (1.2.3)
+ rack (>= 1.0)
websocket (1.0.7)
will_paginate (3.0.4)
xml-simple (1.1.2)
@@ -373,6 +381,7 @@ DEPENDENCIES
capybara-webkit
carmen-rails
dalli
+ devise
dkim
factory_girl_rails (~> 3.0)
faker (~> 1.0)
@@ -1,4 +1,4 @@
-body.users.new {
+body.users.new, body.sessions.new {
background-image: image-url('protests.jpg');
background-position: 0 0;
background-repeat: repeat-y;
@@ -15,7 +15,6 @@ def show
def update
@user = User.find(params[:id])
- @user.skip_validation = true
if @user.update_attributes(params[:user],{:as => :admin})
redirect_to admin_users_url, notice: 'User was successfully updated.'
else
@@ -1,4 +1,5 @@
class ApplicationController < ActionController::Base
+
include Whiplash
extend Memoist
helper_method :win!, :spin!, :spin_if_cool_browser!, :measure!, :is_admin
@@ -41,17 +42,21 @@ def streaming_csv_export(export)
self.response_body = export.as_csv_stream
end
+ def after_sign_in_path_for(resource)
+ sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => 'http')
+ if request.referer == sign_in_url
+ super
+ else
+ stored_location_for(resource) || root_path
+ end
+ end
+
private
def browser_is_cool?
browser.firefox? || browser.chrome? || browser.safari?
end
- def current_user
- @current_user ||= User.find_by_id(session[:user_id]) if session[:user_id]
- end
- helper_method :current_user
-
def require_login
if current_user.nil?
session['redirect_url'] = request.url
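Review bot: `require_login` still saves the requested page in `session['redirect_url']`, but nothing on the new side reads that key: the deleted `SessionsController#create` was its only visible consumer, and `stored_location_for(resource)` reads Devise's own return-to key, so users sent to the login page will likely land on `root_path` instead of the page they asked for. Either store the location where Devise looks for it or consume the old key here, e.g. `stored_location_for(resource) || session.delete('redirect_url') || root_path`. Separately, the branch on `request.referer == sign_in_url` compares a client-supplied header with a URL built with `:protocol => 'http'`, so it can never match when the site is served over HTTPS and should not drive flow decisions; both branches end up at nearly the same place, so the comparison can probably go. `require_login` continues outside this hunk.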
@@ -1,17 +0,0 @@
-class SessionsController < ApplicationController
- def create
- user = User.find_by_email(params[:new_session][:email])
- if user && user.authenticate(params[:new_session][:password])
- session[:user_id] = user.id
- redirect_to session['redirect_url'] || admin_dashboard_path
- else
- flash[:error] = "Invalid username or password"
- redirect_to login_path
- end
- end
-
- def destroy
- reset_session
- redirect_to root_path, notice: "Logged out!"
- end
-end
@@ -18,8 +18,9 @@ def create
def update
@user = current_user
- if @user.update_attributes(params[:user])
- flash.notice = "Password was successfully updated"
+ if @user.update_with_password(params[:user])
+ flash.notice = "Password was successfully updated."
+ sign_in @user, :bypass => true
redirect_to root_url
else
render action: "edit"
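Review bot: `update_with_password(params[:user])` receives the whole submitted hash, so this "Change Password" action also applies any other attribute the default `attr_accessible` list allows (`:email`, `:remember_me`), while the flash still says the password was updated. As far as I know Devise also treats a blank `password` as "leave unchanged", so submitting only the current password appears to succeed without changing anything. Restricting the input to the three password fields, `params[:user].slice(:current_password, :password, :password_confirmation)`, and rejecting a blank new password would keep the action to what the form offers. A short comment on `sign_in @user, :bypass => true` saying that it keeps the user signed in after the credential change would help the next reader. The end of `update` is outside the hunk.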
@@ -1,20 +1,18 @@
-require "old_password_validator"
-
class User < ActiveRecord::Base
- attr_accessor :old_password
- attr_accessor :skip_validation
- validates_presence_of :password, :unless => :skip_validation
- validates_presence_of :password_confirmation, :unless => :skip_validation
- validates :old_password, :old_password => true, :presence => true, :on => :update, :if => :password_digest_changed?
- attr_accessible :email, :password, :old_password, :password_confirmation
- attr_accessible :email, :is_super_user, :is_admin, :as => :admin
-
- has_secure_password
- validates :email, :presence => true, :uniqueness => true , :email => true
-
- after_validation :remove_password_digest_errors
+ # Include default devise modules. Others available are:
+ # :token_authenticatable, :confirmable,
+ # :lockable, :timeoutable and :omniauthable
+ devise :database_authenticatable, :registerable,
+ :recoverable, :rememberable, :trackable, :validatable, :lockable
+
+ # Setup accessible (or protected) attributes for your model
+ attr_accessible :email, :password, :password_confirmation, :remember_me
+ attr_accessible :is_super_user, :is_admin, :as => :admin
+
+ after_validation :remove_encrypted_password_errors
- def remove_password_digest_errors
- errors.delete :password_digest if errors.include? :password
+ def remove_encrypted_password_errors
+ errors.delete :encrypted_password if errors.include? :password
end
+
end
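Review bot: The `:as => :admin` whitelist on the new side drops `:email` (`attr_accessible :is_super_user, :is_admin, :as => :admin`), while `Admin::UsersController#update` still calls `update_attributes(params[:user],{:as => :admin})`; unless that is intended, an email edited in the admin form will be discarded or rejected, depending on the mass-assignment sanitizer. If admins should still edit it, keep `attr_accessible :email, :is_super_user, :is_admin, :as => :admin`. The generated comment lists `:lockable` among the "others available" although it is enabled two lines below. `remove_encrypted_password_errors` looks like a rename of a `has_secure_password` workaround that may have nothing left to remove under `:validatable`; worth confirming and deleting.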
@@ -1,8 +0,0 @@
-class OldPasswordValidator < ActiveModel::EachValidator
- def validate_each(object, attribute, value)
- old_user = User.find(object.id)
- unless old_user.authenticate value
- object.errors[attribute] << (options[:message] || " is not your previous password")
- end
- end
-end
@@ -0,0 +1,9 @@
+%h2 Resend confirmation instructions
+= simple_form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
+ = f.error_notification
+ = f.full_error :confirmation_token
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true
+ .form-actions
+ = f.button :submit, "Resend confirmation instructions"
+= render "devise/shared/links"
@@ -0,0 +1,4 @@
+%p
+ Welcome #{@email}!
+%p You can confirm your account email through the link below:
+%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token)
@@ -0,0 +1,6 @@
+%p
+ Hello #{@resource.email}!
+%p Someone has requested a link to change your password. You can do this through the link below.
+%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token)
+%p If you didn't request this, please ignore this email.
+%p Your password won't change until you access the link above and create a new one.
@@ -0,0 +1,5 @@
+%p
+ Hello #{@resource.email}!
+%p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
+%p Click the link below to unlock your account:
+%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token)
@@ -0,0 +1,12 @@
+%h2 Change your password
+= simple_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
+ = f.error_notification
+ = f.input :reset_password_token, :as => :hidden
+ = f.full_error :reset_password_token
+ .form-inputs
+ = f.input :current_password, :label => "Current password", :required => true, :autofocus => true
+ = f.input :password, :label => "New password", :required => true
+ = f.input :password_confirmation, :label => "Confirm your new password", :required => true
+ .form-actions
+ = f.button :submit, "Change my password"
+/= render "devise/shared/links"
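Review bot: The reset-password form adds a required `current_password` input, but this view is reached from the emailed reset link by a user who has forgotten that password. The field is marked `:required => true`, so browsers will likely block submission, and as far as I can tell Devise's token-based reset does not check it anyway. I would remove the line `= f.input :current_password, :label => "Current password", :required => true, :autofocus => true` and move `:autofocus => true` to the `:password` input; the hidden `reset_password_token` is what authorizes the change.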
@@ -0,0 +1,8 @@
+%h2 Forgot your password?
+= simple_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
+ = f.error_notification
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true
+ .form-actions
+ = f.button :submit, "Send me reset password instructions"
+= render "devise/shared/links"
@@ -0,0 +1,18 @@
+%h2
+ Edit #{resource_name.to_s.humanize}
+= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
+ = f.error_notification
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true
+ - if devise_mapping.confirmable? && resource.pending_reconfirmation?
+ %p
+ Currently waiting confirmation for: #{resource.unconfirmed_email}
+ = f.input :password, :autocomplete => "off", :hint => "leave it blank if you don't want to change it", :required => false
+ = f.input :password_confirmation, :required => false
+ = f.input :current_password, :hint => "we need your current password to confirm your changes", :required => true
+ .form-actions
+ = f.button :submit, "Update"
+/ %h3 Cancel my account
+/ %p
+/ Unhappy? #{link_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete}
+= link_to "Back", :back
@@ -0,0 +1,10 @@
+%h2 Sign up
+= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
+ = f.error_notification
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true
+ = f.input :password, :required => true
+ = f.input :password_confirmation, :required => true
+ .form-actions
+ = f.button :submit, "Sign up"
+= render "devise/shared/links"
@@ -0,0 +1,24 @@
+.row
+ .span12
+ .signup_login
+ %h1.title Win your campaign for change.
+ .row
+ .span6.offset2
+ = simple_form_for(resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'form-horizontal'}) do |f|
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true, :input_html => { :class => "span4" }
+ = f.input :password, :required => true, :input_html => { :class => "span4" }
+ / = f.input :remember_me, :as => :boolean if devise_mapping.rememberable?
+ .control-group
+ .controls
+ = f.button :submit, :class => 'btn btn-primary', :id => 'login-submit', :value => 'Log in'
+ %br/
+ %br/
+ = render "devise/shared/links"
+ %p.privacypolicy= t 'site.privacy_policy'
+ %small.photo_credit
+ Photo credit:
+ %a{href: "http://www.flickr.com/photos/ramyraoof/5405707930"} RamyRaoof
+
+ .row
+ .span6.offset3
@@ -0,0 +1,19 @@
+- if controller_name != 'sessions'
+ = link_to "Sign in", new_session_path(resource_name)
+ %br/
+/ - if devise_mapping.registerable? && controller_name != 'registrations'
+/ = link_to "Sign up", new_registration_path(resource_name)
+/ %br/
+- if devise_mapping.recoverable? && controller_name != 'passwords'
+ = link_to "Forgot your password?", new_password_path(resource_name)
+ %br/
+- if devise_mapping.confirmable? && controller_name != 'confirmations'
+ = link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
+ %br/
+/ - if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
+/ = link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
+/ %br/
+/ - if devise_mapping.omniauthable?
+/ - resource_class.omniauth_providers.each do |provider|
+/ = link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider)
+/ %br/
@@ -0,0 +1,9 @@
+%h2 Resend unlock instructions
+= simple_form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
+ = f.error_notification
+ = f.full_error :unlock_token
+ .form-inputs
+ = f.input :email, :required => true, :autofocus => true
+ .form-actions
+ = f.button :submit, "Resend unlock instructions"
+= render "devise/shared/links"
@@ -40,6 +40,6 @@
%b.caret
%ul.dropdown-menu
%li= link_to('Change Password', edit_user_path(current_user))
- %li= link_to('Log Out', logout_path, :class => 'nodivider', :id => 'logout')
+ %li= link_to('Log Out', destroy_user_session_path, :method => :delete, :class => 'nodivider', :id => 'logout')
- elsif controller_name == 'petitions' && action_name == 'show'
.nodivider
@@ -2,7 +2,7 @@
%h1 Change Password
= simple_form_for current_user do |f|
- = f.input :old_password, :input_html => { :autocomplete => "off" }
+ = f.input :current_password, :input_html => { :autocomplete => "off" }
= f.input :password, :input_html => { :autocomplete => "off" }
= f.input :password_confirmation, :input_html => { :autocomplete => "off" }
= f.button :submit, :class => 'btn btn-primary', :value => 'Update Password'