Finish sign in

app/assets/javascripts/application.js

@@ -12,4 +12,5 @@
 //
 //= require jquery
 //= require jquery_ujs
+//= require bootstrap
 //= require_tree .

app/assets/javascripts/sessions.js.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/

app/assets/stylesheets/sessions.css.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/application_controller.rb

@@ -1,3 +1,4 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
+	include SessionsHelper
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,20 @@
+class SessionsController < ApplicationController
+	def new
+	end
+
+	def create
+		user = User.find_by_email(params[:session][:email])
+		if user && user.authenticate(params[:session][:password])
+			sign_in user
+			redirect_to user
+		else
+			flash.now[:error] = 'Invalid email/password combination'
+			render 'new'
+		end
+	end
+
+	def destroy
+		sign_out
+		redirect_to root_path
+	end
+end

app/controllers/users_controller.rb

@@ -11,10 +11,12 @@ def new
 	def create
 		@user = User.new(params[:user])
 		if @user.save
+			sign_in @user
 			flash[:success] = "Welcome to the Sample App!"
 			redirect_to @user
 		else
 			render 'new'
 		end
 	end
+
 end

app/helpers/sessions_helper.rb

@@ -0,0 +1,24 @@
+module SessionsHelper
+
+	def sign_in(user)
+		cookies.permanent[:remember_token] = user.remember_token
+		current_user = user
+	end
+
+	def signed_in?
+		!current_user.nil?
+	end
+
+	def sign_out
+		current_user = nil
+		cookies.delete(:remember_token)
+	end
+
+	def current_user=(user)
+		@current_user = user
+	end
+
+	def current_user
+		@current_user ||= User.find_by_remember_token(cookies[:remember_token])
+	end
+end

app/models/user.rb

@@ -16,10 +16,16 @@ class User < ActiveRecord::Base
 	VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
 
 	before_save { |user| user.email = email.downcase }
+	before_save :create_remember_token
 
 	validates :name,  presence: true, length: { maximum: 50 }
 	validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
 	                  uniqueness: { case_sensitive: false }
   validates :password, length: { minimum: 6 }
   validates :password_confirmation, presence: true
+
+	private
+		def create_remember_token
+			self.remember_token = SecureRandom.urlsafe_base64
+		end
 end

app/views/layouts/_header.html.erb

@@ -6,7 +6,24 @@
 				<ul class="nav pull-right">
 					<li><%= link_to "Home",    root_path %></li>
 					<li><%= link_to "Help",    help_path %></li>
-					<li><%= link_to "Sign in", "#" %></li>
+					<% if signed_in? %>
+						<li><%= link_to "Users", "#" %></li>
+						<li id="fat-menu" class="dropdown">
+							<a haref="#" class="dropdown-toggle" data-toggle="dropdown">
+								Account <b class="caret"></b>
+							</a>
+							<ul class="dropdown-menu">
+								<li><%= link_to "Profile", current_user %></li>
+								<li><%= link_to "Settings", '#' %></li>
+								<li class="divider"></li>
+								<li>
+									<%= link_to "Sign out", signout_path, method: "delete" %>
+								</li>
+							</ul>
+						</li>
+					<% else %>
+						<li><%= link_to "Sign in", signin_path %></li>
+					<% end %>
 				</ul>
 			</nav>
 		</div>

app/views/sessions/new.html.erb

@@ -0,0 +1,18 @@
+<% provide(:title, "Sign in") %>
+<h1>Sign in</h1>
+
+<div class="row">
+	<div class="span6 offset3">
+		<%= form_for(:session, url: sessions_path) do |f| %>
+			<%= f.label :email %>
+			<%= f.text_field :email %>
+
+			<%= f.label :password %>
+			<%= f.password_field :password %>
+
+			<%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
+		<% end %>
+
+		<p>New user? <%= link_to "Sign up now!", signup_path %></p>
+	</div>
+</div>

config/routes.rb

@@ -1,9 +1,13 @@
 SampleApp::Application.routes.draw do
 
 	resources :users
+	resources :sessions, only: [:new, :create, :destroy]
+
   root to: "static_pages#home"
 
-  match '/signup', to: "users#new"
+  match '/signup',  to: "users#new"
+  match '/signin',  to: "sessions#new"
+  match '/signout', to: "sessions#destroy", via: :delete
 
   match '/help', to: "static_pages#help"
   match '/about', to: "static_pages#about"

db/migrate/20120607001905_add_remember_token_to_users.rb

@@ -0,0 +1,6 @@
+class AddRememberTokenToUsers < ActiveRecord::Migration
+  def change
+		add_column :users, :remember_token, :string
+		add_index  :users, :remember_token
+  end
+end

db/schema.rb

@@ -11,16 +11,18 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20120521154620) do
+ActiveRecord::Schema.define(:version => 20120607001905) do
 
   create_table "users", :force => true do |t|
     t.string   "name"
     t.string   "email"
     t.datetime "created_at",      :null => false
     t.datetime "updated_at",      :null => false
     t.string   "password_digest"
+    t.string   "remember_token"
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true
+  add_index "users", ["remember_token"], :name => "index_users_on_remember_token"
 
 end

spec/models/user_spec.rb

@@ -23,6 +23,7 @@
 	it { should respond_to(:password_digest) }
 	it { should respond_to(:password) }
 	it { should respond_to(:password_confirmation) }
+	it { should respond_to(:remember_token) }
 	it { should respond_to(:authenticate) }
 
 	it { should be_valid }
@@ -102,10 +103,16 @@
 			it { should == found_user.authenticate(@user.password) }
 		end
 
-		describe "" do
+		describe "with invalid password" do
 			let(:user_for_invalid_password) { found_user.authenticate("invalid") }
 			it { should_not == user_for_invalid_password }
 			specify { user_for_invalid_password.should be_false }
 		end
 	end
+
+	describe "remember token" do
+		before { @user.save }
+		its(:remember_token) { should_not be_blank }
+	end
+
 end

spec/requests/authentication_pages_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe "AuthenticationPages" do
+
+	subject { page }
+
+  describe "signin page" do
+		before { visit signin_path }
+		it { should have_selector('h1',      text: 'Sign in') }
+		it { should have_selector('title',   text: 'Sign in') }
+	end
+
+  describe "signin" do
+		before { visit signin_path }
+
+		describe "with invalid information" do
+			before { click_button "Sign in" }
+
+			it { should have_selector('title',   text: 'Sign in') }
+			it { should have_selector('div.alert.alert-error',   text: 'Invalid') }
+			describe "after visiting another page" do
+				before { click_link "Home" }
+				it { should_not have_selector('div.alert.alert-error') }
+			end
+		end
+
+		describe "with valid information" do
+			let(:user) { FactoryGirl.create(:user) }
+			before do
+				fill_in "Email",       with: user.email
+				fill_in "Password",    with: user.password
+				click_button "Sign in"
+			end
+
+			it { should have_selector('title', text: user.name) }
+			it { should have_link('Profile',   href: user_path(user)) }
+			it { should have_link('Sign out',  href: signout_path) }
+			it { should_not have_link('Sign in',  href: signin_path) }
+
+			describe "followed by signout" do
+				before { click_link "Sign out" }
+				it { should have_link('Sign in') }
+			end
+		end
+  end
+
+end

spec/requests/user_pages_spec.rb

@@ -55,6 +55,7 @@
 				it { should have_selector('div.alert.alert-success', text: 'Welcome')}
 				it { should_not have_content('error') }
 				it { should_not have_content('errors') }
+				it { should have_link('Sign out') }
 			end
 		end