
L'authentification avec devise et un hash basique est en place

recurrent
echarp 8 years ago
parent
commit
68f39cf5d6
  1. 2
      app/assets/stylesheets/events.css.sass
  2. 2
      app/assets/stylesheets/list.css.sass
  3. 43
      app/assets/stylesheets/sessions.css.sass
  4. 6
      app/controllers/events_controller.rb
  5. 1
      app/controllers/moderations_controller.rb
  6. 2
      app/controllers/users_controller.rb
  7. 1
      app/models/event.rb
  8. 33
      app/models/user.rb
  9. 9
      app/views/devise/confirmations/new.html.haml
  10. 4
      app/views/devise/mailer/confirmation_instructions.html.haml
  11. 6
      app/views/devise/mailer/reset_password_instructions.html.haml
  12. 5
      app/views/devise/mailer/unlock_instructions.html.haml
  13. 14
      app/views/devise/passwords/edit.html.haml
  14. 9
      app/views/devise/passwords/new.html.haml
  15. 30
      app/views/devise/registrations/edit.html.haml
  16. 17
      app/views/devise/registrations/new.html.haml
  17. 19
      app/views/devise/sessions/new.html.haml
  18. 19
      app/views/devise/shared/_links.haml
  19. 9
      app/views/devise/unlocks/new.html.haml
  20. 4
      app/views/events/_form.html.haml
  21. 2
      app/views/events/new.html.haml
  22. 2
      app/views/moderations/index.html.haml
  23. 12
      config/locales/fr.yml
  24. 1
      config/routes.rb
  25. 15
      test/controllers/users_controller_test.rb
  26. 9
      test/fixtures/users.yml
  27. 23
      test/models/user_test.rb

2
app/assets/stylesheets/events.css.sass

@ -145,7 +145,7 @@ table.calendar
a
color: #8F4900
form
.events form
.field, .actions
text-align: left
margin-left: 2px

2
app/assets/stylesheets/list.css.sass

@ -23,7 +23,7 @@ table.list
font-weight: normal
text-decoration: none
&:hover
text-shadow: 0px 0px 16px black
@include text-shadow(2px 2px 1px lightblue)
&:before
padding: 0.5em
font-size: 20px

43
app/assets/stylesheets/sessions.css.sass

@ -0,0 +1,43 @@
@import "compass"
.sessions
form
margin: 1em auto
display: inline-block
.field, .actions
text-align: left
margin-left: 2px
margin-bottom: 2px !important
*
vertical-align: middle
p.helper
margin: 1px 5px 1px 6.6em
line-height: 0.9em
label
width: 8em
display: inline-block
text-align: right
&:after
content: ':'
input, textarea, select
color: black
margin: 3px 0
border: 1px solid #868686
padding: 0.2em 0.8em
font-size: larger
font-family: georgia, serif
background-color: #FFB
@include border-radius(0.8em)
&:focus
background-color: #F0F8FF !important
input[type=submit]
border: none
font-size: x-large
@include box-shadow(0 0 1em lightblue)
@include text-shadow(1px 1px 1px white)
.actions
margin-left: 6.75em
margin-bottom: 10px
.logout
margin: 2em auto

6
app/controllers/events_controller.rb

@ -36,8 +36,8 @@ class EventsController < InheritedResources::Base
# This is a special case, required to handle the region attribute with same foreign key name
@event.region = Region.find(params[:event][:region])
if (params[:visu])
render action: 'new'
if params[:visu]
render action: :new
return
end
@ -57,7 +57,7 @@ class EventsController < InheritedResources::Base
def update
if params[:visu]
@event.attributes = params[:event]
render action: 'edit'
render action: :edit
return
end

1
app/controllers/moderations_controller.rb

@ -1,4 +1,5 @@
class ModerationsController < InheritedResources::Base
before_filter :authenticate_user!
before_action :set_event, only: [:show, :edit, :update, :destroy]
def index
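Review bot: The new `before_filter :authenticate_user!` sits directly above a `before_action` call, so the class now mixes the old and new names for the same callback API; `before_action :authenticate_user!` would match the line below it. The +/- markers are lost on this page, so which of the two lines is the addition is inferred from the commit subject. The filter carries no `only:`/`except:`, which is the safe default for a moderation controller, and a controller test asserting that an anonymous request to `index` is redirected to the login page would keep it that way.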

2
app/controllers/users_controller.rb

@ -69,6 +69,6 @@ class UsersController < ApplicationController
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(:login, :email, :lastname, :firstname)
params.require(:user).permit(:login, :email, :lastname, :firstname, :password)
end
end
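Review bot: Adding `:password` to the permit list in `user_params` means every action that uses it, `update` as well as `create`, can now set a password, and this hunk shows no `authenticate_user!` filter or ownership check on UsersController (the class starts outside the hunk, so one may exist). If these actions are reachable without a session, a request could set or replace any account's password, so confirm the controller is restricted, for example with `before_action :authenticate_user!` plus a check that the record belongs to the signed-in user. The list also has no `:password_confirmation`, so a mistyped password at creation is stored as-is.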

1
app/models/event.rb

@ -29,7 +29,6 @@ class Event < ActiveRecord::Base
self.decision_time = Date.today
end
def same_day?
start_time.to_date == end_time.to_date
end

33
app/models/user.rb

@ -1,3 +1,36 @@
require 'digest/md5'
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, authentication_keys: [:login]
#, :registerable, :validatable
has_many :notes
def encrypted_password=(pass)
write_attribute :password, pass
end
def encrypted_password
read_attribute :password
end
def self.find_first_by_auth_conditions(warden_conditions)
conditions = warden_conditions.dup
if login = conditions.delete(:login)
where(conditions).where(["login = :value", { value: login }]).first
else
where(conditions).first
end
end
def valid_password?(password)
encrypted_password == password_digest(password)
end
protected
def password_digest(password)
Digest::MD5.hexdigest password
end
end
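Review bot: `password_digest` stores and checks passwords as an unsalted `Digest::MD5.hexdigest`, which is cheap to brute-force offline and gives identical passwords identical digests, and `valid_password?` compares the digests with `==` rather than a constant-time comparison. If MD5 is only here to accept rows from an existing users table (not visible in this diff), keep it as a verification-only path and re-hash with Devise's default bcrypt on the first successful login. In the meantime the comparison can become `Devise.secure_compare(encrypted_password, password_digest(password))`. `:validatable` is left commented out, so nothing visible here enforces a minimum password length.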

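--- /dev/null
+++ b/app/views/devise/confirmations/new.html.haml
@@ -0,0 +1,9 @@
+%h2 Resend confirmation instructions
+= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
+= devise_error_messages!
+%div
+= f.label :email
+%br/
+= f.email_field :email, :autofocus => true
+%div= f.submit "Resend confirmation instructions"
+= render "devise/shared/links"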

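--- /dev/null
+++ b/app/views/devise/mailer/confirmation_instructions.html.haml
@@ -0,0 +1,4 @@
+%p
+Welcome #{@email}!
+%p You can confirm your account email through the link below:
+%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token)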

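--- /dev/null
+++ b/app/views/devise/mailer/reset_password_instructions.html.haml
@@ -0,0 +1,6 @@
+%p
+Hello #{@resource.email}!
+%p Someone has requested a link to change your password. You can do this through the link below.
+%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token)
+%p If you didn't request this, please ignore this email.
+%p Your password won't change until you access the link above and create a new one.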

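--- /dev/null
+++ b/app/views/devise/mailer/unlock_instructions.html.haml
@@ -0,0 +1,5 @@
+%p
+Hello #{@resource.email}!
+%p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
+%p Click the link below to unlock your account:
+%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token)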

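--- /dev/null
+++ b/app/views/devise/passwords/edit.html.haml
@@ -0,0 +1,14 @@
+%h2 Change your password
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
+= devise_error_messages!
+= f.hidden_field :reset_password_token
+%div
+= f.label :password, "New password"
+%br/
+= f.password_field :password, :autofocus => true
+%div
+= f.label :password_confirmation, "Confirm new password"
+%br/
+= f.password_field :password_confirmation
+%div= f.submit "Change my password"
+= render "devise/shared/links"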

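--- /dev/null
+++ b/app/views/devise/passwords/new.html.haml
@@ -0,0 +1,9 @@
+%h2 Forgot your password?
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
+= devise_error_messages!
+%div
+= f.label :email
+%br/
+= f.email_field :email, :autofocus => true
+%div= f.submit "Send me reset password instructions"
+= render "devise/shared/links"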

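--- /dev/null
+++ b/app/views/devise/registrations/edit.html.haml
@@ -0,0 +1,30 @@
+%h2
+Edit #{resource_name.to_s.humanize}
+= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
+= devise_error_messages!
+%div
+= f.label :email
+%br/
+= f.email_field :email, :autofocus => true
+- if devise_mapping.confirmable? && resource.pending_reconfirmation?
+%div
+Currently waiting confirmation for: #{resource.unconfirmed_email}
+%div
+= f.label :password
+%i (leave blank if you don't want to change it)
+%br/
+= f.password_field :password, :autocomplete => "off"
+%div
+= f.label :password_confirmation
+%br/
+= f.password_field :password_confirmation
+%div
+= f.label :current_password
+%i (we need your current password to confirm your changes)
+%br/
+= f.password_field :current_password
+%div= f.submit "Update"
+%h3 Cancel my account
+%p
+Unhappy? #{button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete}
+= link_to "Back", :back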

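--- /dev/null
+++ b/app/views/devise/registrations/new.html.haml
@@ -0,0 +1,17 @@
+%h2 Sign up
+= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
+= devise_error_messages!
+%div
+= f.label :email
+%br/
+= f.email_field :email, :autofocus => true
+%div
+= f.label :password
+%br/
+= f.password_field :password
+%div
+= f.label :password_confirmation
+%br/
+= f.password_field :password_confirmation
+%div= f.submit "Sign up"
+= render "devise/shared/links"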

19
app/views/devise/sessions/new.html.haml

@ -0,0 +1,19 @@
%h2=t '.title'
= form_for resource, as: resource_name, url: session_path(resource_name) do |f|
%div.field
= f.label :login
= f.text_field :login, autofocus: true
%div.field
= f.label :password
= f.password_field :password
- if devise_mapping.rememberable?
%div
= f.check_box :remember_me
= f.label :remember_me
%div= f.submit t('.sign_in')
= render "devise/shared/links"

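--- /dev/null
+++ b/app/views/devise/shared/_links.haml
@@ -0,0 +1,19 @@
+- if controller_name != 'sessions'
+= link_to "Sign in", new_session_path(resource_name)
+%br/
+- if devise_mapping.registerable? && controller_name != 'registrations'
+= link_to "Sign up", new_registration_path(resource_name)
+%br/
+- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
+= link_to "Forgot your password?", new_password_path(resource_name)
+%br/
+- if devise_mapping.confirmable? && controller_name != 'confirmations'
+= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
+%br/
+- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
+= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
+%br/
+- if devise_mapping.omniauthable?
+- resource_class.omniauth_providers.each do |provider|
+= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider)
+%br/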

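--- /dev/null
+++ b/app/views/devise/unlocks/new.html.haml
@@ -0,0 +1,9 @@
+%h2 Resend unlock instructions
+= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
+= devise_error_messages!
+%div
+= f.label :email
+%br/
+= f.email_field :email, :autofocus => true
+%div= f.submit "Resend unlock instructions"
+= render "devise/shared/links"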

4
app/views/events/_form.html.haml

@ -1,4 +1,4 @@
= form_for @event, url: moderation_path(@event) do |f|
= form_for @event do |f|
- if @event.errors.any?
#error_explanation
%h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:"
@ -62,7 +62,7 @@
.field
= f.label Event.human_attribute_name :region
= f.select :region,
options_from_collection_for_select(Region.all, 'id', 'name', @event.region.id)
options_from_collection_for_select(Region.all, 'id', 'name', @event.region && @event.region.id)
.field
= f.label Event.human_attribute_name :locality
= f.select :locality,

2
app/views/events/new.html.haml

@ -2,7 +2,7 @@
- if @event && params[:visu]
%hr/
= render file: 'show'
= render file: '/events/show'
%hr/
= render 'form'

2
app/views/moderations/index.html.haml

@ -47,3 +47,5 @@
=t '.posted_by',
author: "#{note.author.firstname} #{note.author.lastname}",
date: l(note.date, format: :at)
.logout= link_to t('logout'), destroy_user_session_path, method: :delete

12
config/locales/fr.yml

@ -4,6 +4,7 @@ fr:
validate: Valider
refuse: Refuser
destroy: Supprimer
logout: Se déconnecter
attributes:
id: ID
@ -26,7 +27,7 @@ fr:
lug: Gull
attributes:
user:
login: Identifiant
login: Login
password: Mot de passe
lastname: Nom
firstname: Prénom
@ -145,3 +146,12 @@ fr:
moderation: Modération
preview: Prévisualisation de l'évènement
edit: Édition de l'évènement
users:
sign_in:
title: Identification
devise:
sessions:
new:
title: Identification
sign_in: Identifier

1
config/routes.rb

@ -11,6 +11,7 @@ AgendaDuLibreRails::Application.routes.draw do
get 'ical.php' => 'events#index', format: :ics
get ':format.php' => 'events#index'
devise_for :users, path: '', path_names: {sign_in: 'login', sign_out: 'logout'}
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)

15
test/controllers/users_controller_test.rb

@ -18,7 +18,13 @@ class UsersControllerTest < ActionController::TestCase
test "should create user" do
assert_difference('User.count') do
post :create, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
post :create, user: {
email: 'original@example.com',
firstname: @user.firstname,
lastname: @user.lastname,
login: @user.login,
password: 'abcdefghijklmnopqrstuvwxyz'
}
end
assert_redirected_to user_path(assigns(:user))
@ -35,7 +41,12 @@ class UsersControllerTest < ActionController::TestCase
end
test "should update user" do
patch :update, id: @user, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
patch :update, id: @user, user: {
email: @user.email,
firstname: @user.firstname,
lastname: @user.lastname,
login: @user.login
}
assert_redirected_to user_path(assigns(:user))
end

9
test/fixtures/users.yml vendored

@ -1,10 +1,7 @@
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
# This model initially had no columns defined. If you add columns to the
# model remove the '{}' from the fixture names and add the columns immediately
# below each fixture, per the syntax in the comments below
one:
email: one@example.com
firstname: first
lastname: last
login: aNiceLogin
two:
email: two@example.com

23
test/models/user_test.rb

@ -1,7 +1,26 @@
require 'test_helper'
class UserTest < ActiveSupport::TestCase
test "the truth" do
assert true
test "basic user" do
@user = User.new(
email: 'original@example.com',
firstname: 'first',
lastname: 'last',
login: 'login',
password: 'abcdefghijklmnopqrstuvwxyz'
)
assert_not_nil @user
assert_equal 'c3fcd3d76192e4007dfb496cca67e13b', @user.encrypted_password
end
test "the password" do
@user = User.new(
email: 'original@example.com',
firstname: 'first',
lastname: 'last',
login: 'login',
password: 'abcdefghijklmnopqrstuvwxyz'
)
assert @user.valid_password? 'abcdefghijklmnopqrstuvwxyz'
end
end
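Review bot: The "the password" test only checks that the correct password is accepted, so a `valid_password?` that returned true for every input would still pass; add a negative case such as `assert_not @user.valid_password?('not the password')`. The "basic user" test pins `encrypted_password` to the bare MD5 hex digest of the password, so it documents the unsalted storage format and will have to change with any move to a salted hash. Both tests build the same `User.new(...)` hash, which could move into a `setup` block.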
