From da22af605f046d1bc3eba841f630da5824eeb946 Mon Sep 17 00:00:00 2001 From: Benjamin Cousaert Date: Tue, 9 Dec 2014 17:17:11 +0100 Subject: [PATCH] Add devise to users --- app/controllers/application_controller.rb | 17 +++++++ app/controllers/users_controller.rb | 39 --------------- app/models/user.rb | 35 +++++++++---- app/views/devise/confirmations/new.html.erb | 16 ++++++ .../mailer/confirmation_instructions.html.erb | 5 ++ .../reset_password_instructions.html.erb | 8 +++ .../mailer/unlock_instructions.html.erb | 7 +++ app/views/devise/passwords/edit.html.erb | 22 +++++++++ app/views/devise/passwords/new.html.erb | 16 ++++++ app/views/devise/registrations/edit.html.erb | 39 +++++++++++++++ app/views/devise/registrations/new.html.erb | 19 +++++++ app/views/devise/sessions/new.html.erb | 27 ++++++++++ app/views/devise/shared/_links.html.erb | 25 ++++++++++ app/views/devise/unlocks/new.html.erb | 16 ++++++ app/views/layouts/_header.html.erb | 5 +- app/views/users/_form.html.erb | 25 ++++++++++ app/views/users/edit.html.erb | 27 +--------- app/views/users/new.html.erb | 26 +--------- app/views/users/show.html.erb | 2 +- config/routes.rb | 6 +-- .../20141209144240_add_devise_to_users.rb | 49 +++++++++++++++++++ ...141209144521_drop_password_digest_users.rb | 5 ++ db/schema.rb | 23 +++++++-- test/fixtures/users.yml | 29 ++++++++--- test/models/user_test.rb | 29 ++++++++--- 25 files changed, 391 insertions(+), 126 deletions(-) create mode 100644 app/views/devise/confirmations/new.html.erb create mode 100644 app/views/devise/mailer/confirmation_instructions.html.erb create mode 100644 app/views/devise/mailer/reset_password_instructions.html.erb create mode 100644 app/views/devise/mailer/unlock_instructions.html.erb create mode 100644 app/views/devise/passwords/edit.html.erb create mode 100644 app/views/devise/passwords/new.html.erb create mode 100644 app/views/devise/registrations/edit.html.erb create mode 100644 app/views/devise/registrations/new.html.erb create mode 100644 app/views/devise/sessions/new.html.erb create mode 100644 app/views/devise/shared/_links.html.erb create mode 100644 app/views/devise/unlocks/new.html.erb create mode 100644 app/views/users/_form.html.erb create mode 100644 db/migrate/20141209144240_add_devise_to_users.rb create mode 100644 db/migrate/20141209144521_drop_password_digest_users.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 60c348c..1933cf4 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,7 +2,24 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception + before_action :configure_permitted_parameters, if: :devise_controller? + + def after_sign_in_path_for(resource) + new_user_session_path + end + + def after_sign_up_path_for(resource) + root_path + end include OrdersHelper include ApplicationHelper + + protected + + def configure_permitted_parameters + devise_parameter_sanitizer.for(:sign_up) { |u| u.permit( + :email, :nickname, :name, :last_name, :password, :password_confirmation + ) } + end end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 8b43342..639080f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,49 +1,10 @@ class UsersController < ApplicationController - def new - @user = User.new - end - def show @user = User.find(params[:id]) @orders = @user.orders.paginate(page: params[:page]) end - def create - @user = User.new(user_params) - if @user.save - redirect_to @user - else - render 'new' - end - end - - def edit - @user = User.find(params[:id]) - end - - def update - @user = User.find(params[:id]) - if @user.update_attributes(user_params) - redirect_to @user - else - render 'edit' - end - end - def index @users = User.all end - - - def destroy - User.find(params[:id]).destroy - redirect_to users_path - end - - private - - def user_params - params.require(:user).permit(:name, :last_name, :password, - :password_confirmation, :nickname) - end end diff --git a/app/models/user.rb b/app/models/user.rb index 008a430..81aca66 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -2,17 +2,34 @@ # # Table name: users # -# id :integer not null, primary key -# name :string(255) -# last_name :string(255) -# balance :integer default(0) -# nickname :string(255) -# password_digest :string(255) -# created_at :datetime -# updated_at :datetime +# id :integer not null, primary key +# name :string(255) +# last_name :string(255) +# balance :integer default(0) +# nickname :string(255) +# created_at :datetime +# updated_at :datetime +# email :string(255) default(""), not null +# encrypted_password :string(255) default(""), not null +# reset_password_token :string(255) +# reset_password_sent_at :datetime +# remember_created_at :datetime +# sign_in_count :integer default(0), not null +# current_sign_in_at :datetime +# last_sign_in_at :datetime +# current_sign_in_ip :string(255) +# last_sign_in_ip :string(255) +# confirmation_token :string(255) +# confirmed_at :datetime +# confirmation_sent_at :datetime +# unconfirmed_email :string(255) # class User < ActiveRecord::Base + devise :database_authenticatable, :registerable, + :recoverable, :rememberable, :trackable, :validatable, + :confirmable + has_many :orders, -> { includes :products } validates :name, presence: true @@ -26,6 +43,4 @@ class User < ActiveRecord::Base def pay(amount) self.increment!(:balance, - amount) end - - has_secure_password end diff --git a/app/views/devise/confirmations/new.html.erb b/app/views/devise/confirmations/new.html.erb new file mode 100644 index 0000000..4540811 --- /dev/null +++ b/app/views/devise/confirmations/new.html.erb @@ -0,0 +1,16 @@ +

Resend confirmation instructions

+ +<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %> + <%= devise_error_messages! %> + +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true %> +
+ +
+ <%= f.submit "Resend confirmation instructions" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/devise/mailer/confirmation_instructions.html.erb b/app/views/devise/mailer/confirmation_instructions.html.erb new file mode 100644 index 0000000..dc55f64 --- /dev/null +++ b/app/views/devise/mailer/confirmation_instructions.html.erb @@ -0,0 +1,5 @@ +

Welcome <%= @email %>!

+ +

You can confirm your account email through the link below:

+ +

<%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %>

diff --git a/app/views/devise/mailer/reset_password_instructions.html.erb b/app/views/devise/mailer/reset_password_instructions.html.erb new file mode 100644 index 0000000..f667dc1 --- /dev/null +++ b/app/views/devise/mailer/reset_password_instructions.html.erb @@ -0,0 +1,8 @@ +

Hello <%= @resource.email %>!

+ +

Someone has requested a link to change your password. You can do this through the link below.

+ +

<%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %>

+ +

If you didn't request this, please ignore this email.

+

Your password won't change until you access the link above and create a new one.

diff --git a/app/views/devise/mailer/unlock_instructions.html.erb b/app/views/devise/mailer/unlock_instructions.html.erb new file mode 100644 index 0000000..41e148b --- /dev/null +++ b/app/views/devise/mailer/unlock_instructions.html.erb @@ -0,0 +1,7 @@ +

Hello <%= @resource.email %>!

+ +

Your account has been locked due to an excessive number of unsuccessful sign in attempts.

+ +

Click the link below to unlock your account:

+ +

<%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %>

diff --git a/app/views/devise/passwords/edit.html.erb b/app/views/devise/passwords/edit.html.erb new file mode 100644 index 0000000..1b2ff26 --- /dev/null +++ b/app/views/devise/passwords/edit.html.erb @@ -0,0 +1,22 @@ +

Change your password

+ +<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %> + <%= devise_error_messages! %> + <%= f.hidden_field :reset_password_token %> + +
+ <%= f.label :password, "New password" %>
+ <%= f.password_field :password, autofocus: true, autocomplete: "off" %> +
+ +
+ <%= f.label :password_confirmation, "Confirm new password" %>
+ <%= f.password_field :password_confirmation, autocomplete: "off" %> +
+ +
+ <%= f.submit "Change my password" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/devise/passwords/new.html.erb b/app/views/devise/passwords/new.html.erb new file mode 100644 index 0000000..3d6d11a --- /dev/null +++ b/app/views/devise/passwords/new.html.erb @@ -0,0 +1,16 @@ +

Forgot your password?

+ +<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %> + <%= devise_error_messages! %> + +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true %> +
+ +
+ <%= f.submit "Send me reset password instructions" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb new file mode 100644 index 0000000..3ea40f0 --- /dev/null +++ b/app/views/devise/registrations/edit.html.erb @@ -0,0 +1,39 @@ +

Edit <%= resource_name.to_s.humanize %>

+ +<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %> + <%= devise_error_messages! %> + +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true %> +
+ + <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %> +
Currently waiting confirmation for: <%= resource.unconfirmed_email %>
+ <% end %> + +
+ <%= f.label :password %> (leave blank if you don't want to change it)
+ <%= f.password_field :password, autocomplete: "off" %> +
+ +
+ <%= f.label :password_confirmation %>
+ <%= f.password_field :password_confirmation, autocomplete: "off" %> +
+ +
+ <%= f.label :current_password %> (we need your current password to confirm your changes)
+ <%= f.password_field :current_password, autocomplete: "off" %> +
+ +
+ <%= f.submit "Update" %> +
+<% end %> + +

Cancel my account

+ +

Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %>

+ +<%= link_to "Back", :back %> diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb new file mode 100644 index 0000000..fe4bd48 --- /dev/null +++ b/app/views/devise/registrations/new.html.erb @@ -0,0 +1,19 @@ +

Sign up

+ +<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %> + <%= devise_error_messages! %> + + <%= form_email_field f, :email %> + <%= form_text_field f, :nickname %> + <%= form_text_field f, :name %> + <%= form_text_field f, :last_name %> + + <%= form_password_field f, :password %> + <%= form_password_field f, :password_confirmation %> + +
+ <%= f.submit "Sign up" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb new file mode 100644 index 0000000..d7cc711 --- /dev/null +++ b/app/views/devise/sessions/new.html.erb @@ -0,0 +1,27 @@ +

Log in

+<%= render partial: 'flash' %> + +<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %> +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true %> +
+ +
+ <%= f.label :password %>
+ <%= f.password_field :password, autocomplete: "off" %> +
+ + <% if devise_mapping.rememberable? -%> +
+ <%= f.check_box :remember_me %> + <%= f.label :remember_me %> +
+ <% end -%> + +
+ <%= f.submit "Log in" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/devise/shared/_links.html.erb b/app/views/devise/shared/_links.html.erb new file mode 100644 index 0000000..cd795ad --- /dev/null +++ b/app/views/devise/shared/_links.html.erb @@ -0,0 +1,25 @@ +<%- if controller_name != 'sessions' %> + <%= link_to "Log in", new_session_path(resource_name) %>
+<% end -%> + +<%- if devise_mapping.registerable? && controller_name != 'registrations' %> + <%= link_to "Sign up", new_registration_path(resource_name) %>
+<% end -%> + +<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %> + <%= link_to "Forgot your password?", new_password_path(resource_name) %>
+<% end -%> + +<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %> + <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %>
+<% end -%> + +<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %> + <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %>
+<% end -%> + +<%- if devise_mapping.omniauthable? %> + <%- resource_class.omniauth_providers.each do |provider| %> + <%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %>
+ <% end -%> +<% end -%> diff --git a/app/views/devise/unlocks/new.html.erb b/app/views/devise/unlocks/new.html.erb new file mode 100644 index 0000000..16586bc --- /dev/null +++ b/app/views/devise/unlocks/new.html.erb @@ -0,0 +1,16 @@ +

Resend unlock instructions

+ +<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %> + <%= devise_error_messages! %> + +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true %> +
+ +
+ <%= f.submit "Resend unlock instructions" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb index 322431c..805918d 100644 --- a/app/views/layouts/_header.html.erb +++ b/app/views/layouts/_header.html.erb @@ -13,7 +13,6 @@