Add devise to users

This commit is contained in:
Benjamin Cousaert 2014-12-09 17:17:11 +01:00
parent 20d968a7ef
commit da22af605f
25 changed files with 391 additions and 126 deletions

View file

@ -2,7 +2,24 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception. # Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead. # For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
def after_sign_in_path_for(resource)
new_user_session_path
end
def after_sign_up_path_for(resource)
root_path
end
include OrdersHelper include OrdersHelper
include ApplicationHelper include ApplicationHelper
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(
:email, :nickname, :name, :last_name, :password, :password_confirmation
) }
end
end end

View file

@ -1,49 +1,10 @@
class UsersController < ApplicationController class UsersController < ApplicationController
def new
@user = User.new
end
def show def show
@user = User.find(params[:id]) @user = User.find(params[:id])
@orders = @user.orders.paginate(page: params[:page]) @orders = @user.orders.paginate(page: params[:page])
end end
def create
@user = User.new(user_params)
if @user.save
redirect_to @user
else
render 'new'
end
end
def edit
@user = User.find(params[:id])
end
def update
@user = User.find(params[:id])
if @user.update_attributes(user_params)
redirect_to @user
else
render 'edit'
end
end
def index def index
@users = User.all @users = User.all
end end
def destroy
User.find(params[:id]).destroy
redirect_to users_path
end
private
def user_params
params.require(:user).permit(:name, :last_name, :password,
:password_confirmation, :nickname)
end
end end

View file

@ -7,12 +7,29 @@
# last_name :string(255) # last_name :string(255)
# balance :integer default(0) # balance :integer default(0)
# nickname :string(255) # nickname :string(255)
# password_digest :string(255)
# created_at :datetime # created_at :datetime
# updated_at :datetime # updated_at :datetime
# email :string(255) default(""), not null
# encrypted_password :string(255) default(""), not null
# reset_password_token :string(255)
# reset_password_sent_at :datetime
# remember_created_at :datetime
# sign_in_count :integer default(0), not null
# current_sign_in_at :datetime
# last_sign_in_at :datetime
# current_sign_in_ip :string(255)
# last_sign_in_ip :string(255)
# confirmation_token :string(255)
# confirmed_at :datetime
# confirmation_sent_at :datetime
# unconfirmed_email :string(255)
# #
class User < ActiveRecord::Base class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:confirmable
has_many :orders, -> { includes :products } has_many :orders, -> { includes :products }
validates :name, presence: true validates :name, presence: true
@ -26,6 +43,4 @@ class User < ActiveRecord::Base
def pay(amount) def pay(amount)
self.increment!(:balance, - amount) self.increment!(:balance, - amount)
end end
has_secure_password
end end

View file

@ -0,0 +1,16 @@
<h2>Resend confirmation instructions</h2>
<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Resend confirmation instructions" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -0,0 +1,5 @@
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

View file

@ -0,0 +1,8 @@
<p>Hello <%= @resource.email %>!</p>
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
<p>If you didn't request this, please ignore this email.</p>
<p>Your password won't change until you access the link above and create a new one.</p>

View file

@ -0,0 +1,7 @@
<p>Hello <%= @resource.email %>!</p>
<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
<p>Click the link below to unlock your account:</p>
<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

View file

@ -0,0 +1,22 @@
<h2>Change your password</h2>
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<%= f.hidden_field :reset_password_token %>
<div class="field">
<%= f.label :password, "New password" %><br />
<%= f.password_field :password, autofocus: true, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :password_confirmation, "Confirm new password" %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div class="actions">
<%= f.submit "Change my password" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -0,0 +1,16 @@
<h2>Forgot your password?</h2>
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Send me reset password instructions" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -0,0 +1,39 @@
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div class="field">
<%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password, autocomplete: "off" %>
</div>
<div class="actions">
<%= f.submit "Update" %>
</div>
<% end %>
<h3>Cancel my account</h3>
<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
<%= link_to "Back", :back %>

View file

@ -0,0 +1,19 @@
<h2>Sign up</h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= devise_error_messages! %>
<%= form_email_field f, :email %>
<%= form_text_field f, :nickname %>
<%= form_text_field f, :name %>
<%= form_text_field f, :last_name %>
<%= form_password_field f, :password %>
<%= form_password_field f, :password_confirmation %>
<div class="actions">
<%= f.submit "Sign up" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -0,0 +1,27 @@
<h2>Log in</h2>
<%= render partial: 'flash' %>
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "off" %>
</div>
<% if devise_mapping.rememberable? -%>
<div class="field">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end -%>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -0,0 +1,25 @@
<%- if controller_name != 'sessions' %>
<%= link_to "Log in", new_session_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
<%= link_to "Sign up", new_registration_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
<%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
<%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %><br />
<% end -%>
<% end -%>

View file

@ -0,0 +1,16 @@
<h2>Resend unlock instructions</h2>
<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Resend unlock instructions" %>
</div>
<% end %>
<%= render "devise/shared/links" %>

View file

@ -13,7 +13,6 @@
<!-- Collect the nav links, forms, and other content for toggling --> <!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li><%= link_to "Overview" , overview_path %> </li> <!-- tijdelijk voor iedereen -->
<li class="dropdown"> <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">Products <span class="caret"></span></a> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">Products <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu"> <ul class="dropdown-menu" role="menu">
@ -24,7 +23,7 @@
<li class="dropdown"> <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">Users <span class="caret"></span></a> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">Users <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu"> <ul class="dropdown-menu" role="menu">
<li><%= link_to "New User", new_user_path %></li> <li><%= link_to "New User", new_user_registration_path %></li>
<li><%= link_to "index" , users_path %></li> <li><%= link_to "index" , users_path %></li>
</ul> </ul>
</li> </li>
@ -43,7 +42,7 @@
<ul class="dropdown-menu" role="menu"> <ul class="dropdown-menu" role="menu">
<li><a href="#">Profile</a></li> <li><a href="#">Profile</a></li>
<li><a href="#">Update</a></li> <li><a href="#">Update</a></li>
<li><a href="#">Logout</a></li> <li><%= link_to "Sign out", destroy_user_session_path, method: :delete unless current_user.nil? %></li>
</ul> </ul>
</li> </li>
</ul> </ul>

View file

@ -0,0 +1,25 @@
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(@user) do |f| %>
<%= render partial: 'errors', locals: { model: @user } %>
<%= f.label :nickname %>
<%= f.text_field :nickname %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :last_name %>
<%= f.text_field :last_name %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirmation" %>
<%= f.password_field :password_confirmation %>
<%= f.submit class: "btn btn-primary" %>
<% end %>
</div>
</div>

View file

@ -1,27 +1,2 @@
<h1>Update user</h1> <h1>Update user</h1>
<%= render 'form' %>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(@user) do |f| %>
<%= render partial: 'errors', locals: { model: @user } %>
<%= f.label :nickname %>
<%= f.text_field :nickname %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :last_name %>
<%= f.text_field :last_name %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirmation" %>
<%= f.password_field :password_confirmation %>
<%= f.submit "Save changes", class: "btn btn-primary" %>
<% end %>
</div>
</div>

View file

@ -1,26 +1,2 @@
<h1>Sign up</h1> <h1>Sign up</h1>
<%= render 'form' %>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(@user) do |f| %>
<%= render partial: 'errors', locals: { model: @user } %>
<%= f.label :nickname %>
<%= f.text_field :nickname %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :last_name %>
<%= f.text_field :last_name %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirmation" %>
<%= f.password_field :password_confirmation %>
<%= f.submit "Create my account", class: "btn btn-primary" %>
<% end %>
</div>
</div>

View file

@ -7,7 +7,7 @@
<h1>Balance: <%= @user.balance %></h1> <h1>Balance: <%= @user.balance %></h1>
<h1>User id: <%= @user.id %></h1> <h1>User id: <%= @user.id %></h1>
<p> <p>
<%= link_to "edit" , edit_user_path %> <%= link_to "edit" , edit_user_registration_path %>
</p> </p>
</section> </section>

View file

@ -2,14 +2,14 @@ Rails.application.routes.draw do
root "orders#overview" root "orders#overview"
resources :users do devise_for :users
resources :users, only: [:show, :index] do
resources :orders, only: [:new, :create, :index] resources :orders, only: [:new, :create, :index]
end end
resources :products resources :products
get 'overview' => 'orders#overview'
# The priority is based upon order of creation: first created -> highest priority. # The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes". # See how all your routes lay out with "rake routes".

View file

@ -0,0 +1,49 @@
class AddDeviseToUsers < ActiveRecord::Migration
def self.up
change_table(:users) do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
t.string :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
# Uncomment below if timestamps were not included in your original model.
# t.timestamps
end
add_index :users, :email, unique: true
add_index :users, :reset_password_token, unique: true
add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
def self.down
# By default, we don't want to make any assumption about how to roll back a migration when your
# model already existed. Please edit below which fields you would like to remove in this migration.
raise ActiveRecord::IrreversibleMigration
end
end

View file

@ -0,0 +1,5 @@
class DropPasswordDigestUsers < ActiveRecord::Migration
def change
remove_column :users, :password_digest, :string
end
end

View file

@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20141208160113) do ActiveRecord::Schema.define(version: 20141209144521) do
create_table "order_products", force: true do |t| create_table "order_products", force: true do |t|
t.integer "order_id" t.integer "order_id"
@ -45,9 +45,26 @@ ActiveRecord::Schema.define(version: 20141208160113) do
t.string "last_name" t.string "last_name"
t.integer "balance", default: 0 t.integer "balance", default: 0
t.string "nickname" t.string "nickname"
t.string "password_digest"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.string "unconfirmed_email"
end end
add_index "users", ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
add_index "users", ["email"], name: "index_users_on_email", unique: true
add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end end

View file

@ -7,9 +7,22 @@
# last_name :string(255) # last_name :string(255)
# balance :integer default(0) # balance :integer default(0)
# nickname :string(255) # nickname :string(255)
# password_digest :string(255)
# created_at :datetime # created_at :datetime
# updated_at :datetime # updated_at :datetime
# email :string(255) default(""), not null
# encrypted_password :string(255) default(""), not null
# reset_password_token :string(255)
# reset_password_sent_at :datetime
# remember_created_at :datetime
# sign_in_count :integer default(0), not null
# current_sign_in_at :datetime
# last_sign_in_at :datetime
# current_sign_in_ip :string(255)
# last_sign_in_ip :string(255)
# confirmation_token :string(255)
# confirmed_at :datetime
# confirmation_sent_at :datetime
# unconfirmed_email :string(255)
# #
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html # Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html

View file

@ -7,9 +7,22 @@
# last_name :string(255) # last_name :string(255)
# balance :integer default(0) # balance :integer default(0)
# nickname :string(255) # nickname :string(255)
# password_digest :string(255)
# created_at :datetime # created_at :datetime
# updated_at :datetime # updated_at :datetime
# email :string(255) default(""), not null
# encrypted_password :string(255) default(""), not null
# reset_password_token :string(255)
# reset_password_sent_at :datetime
# remember_created_at :datetime
# sign_in_count :integer default(0), not null
# current_sign_in_at :datetime
# last_sign_in_at :datetime
# current_sign_in_ip :string(255)
# last_sign_in_ip :string(255)
# confirmation_token :string(255)
# confirmed_at :datetime
# confirmation_sent_at :datetime
# unconfirmed_email :string(255)
# #
require 'test_helper' require 'test_helper'