L'authentification avec devise et un hash basique est en place

echarp 2014-01-10 16:35:58 +01:00
parent 450f52ef43
commit 68f39cf5d6
27 changed files with 278 additions and 21 deletions


@ -145,7 +145,7 @@ table.calendar
a a
color: #8F4900 color: #8F4900
form .events form
.field, .actions .field, .actions
text-align: left text-align: left
margin-left: 2px margin-left: 2px


@ -23,7 +23,7 @@ table.list
font-weight: normal font-weight: normal
text-decoration: none text-decoration: none
&:hover &:hover
text-shadow: 0px 0px 16px black @include text-shadow(2px 2px 1px lightblue)
&:before &:before
padding: 0.5em padding: 0.5em
font-size: 20px font-size: 20px


@ -0,0 +1,43 @@
@import "compass"
.sessions
form
margin: 1em auto
display: inline-block
.field, .actions
text-align: left
margin-left: 2px
margin-bottom: 2px !important
*
vertical-align: middle
p.helper
margin: 1px 5px 1px 6.6em
line-height: 0.9em
label
width: 8em
display: inline-block
text-align: right
&:after
content: ':'
input, textarea, select
color: black
margin: 3px 0
border: 1px solid #868686
padding: 0.2em 0.8em
font-size: larger
font-family: georgia, serif
background-color: #FFB
@include border-radius(0.8em)
&:focus
background-color: #F0F8FF !important
input[type=submit]
border: none
font-size: x-large
@include box-shadow(0 0 1em lightblue)
@include text-shadow(1px 1px 1px white)
.actions
margin-left: 6.75em
margin-bottom: 10px
.logout
margin: 2em auto


@ -36,8 +36,8 @@ class EventsController < InheritedResources::Base
# This is a special case, required to handle the region attribute with same foreign key name # This is a special case, required to handle the region attribute with same foreign key name
@event.region = Region.find(params[:event][:region]) @event.region = Region.find(params[:event][:region])
if (params[:visu]) if params[:visu]
render action: 'new' render action: :new
return return
end end
@ -57,7 +57,7 @@ class EventsController < InheritedResources::Base
def update def update
if params[:visu] if params[:visu]
@event.attributes = params[:event] @event.attributes = params[:event]
render action: 'edit' render action: :edit
return return
end end


@ -1,4 +1,5 @@
class ModerationsController < InheritedResources::Base class ModerationsController < InheritedResources::Base
before_filter :authenticate_user!
before_action :set_event, only: [:show, :edit, :update, :destroy] before_action :set_event, only: [:show, :edit, :update, :destroy]
def index def index
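Review bot: `before_filter :authenticate_user!` only establishes that someone is signed in; nothing in this hunk checks that the signed-in account is allowed to moderate. If every row in `users` is a moderator by design, say so next to the filter, e.g. `# every User is a moderator, so authentication alone is the access check`; otherwise a role check belongs here. The line also uses `before_filter` directly above a `before_action`; `before_action :authenticate_user!` would keep the two consistent. The class body continues outside the hunk.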


@ -69,6 +69,6 @@ class UsersController < ApplicationController
# Never trust parameters from the scary internet, only allow the white list through. # Never trust parameters from the scary internet, only allow the white list through.
def user_params def user_params
params.require(:user).permit(:login, :email, :lastname, :firstname) params.require(:user).permit(:login, :email, :lastname, :firstname, :password)
end end
end end
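Review bot: Permitting `:password` in `user_params` makes the credential settable through plain mass assignment in both `create` and `update`, with no current-password check and no confirmation field. Only `user_params` is visible here, and the hunk does not show an `authenticate_user!` filter or an ownership check on UsersController, so that should be confirmed before this is merged; without one, an update request could replace the password of an account other than the caller's. Consider permitting `:password` only on `create` and routing password changes through a separate action that requires the current password.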


@ -29,7 +29,6 @@ class Event < ActiveRecord::Base
self.decision_time = Date.today self.decision_time = Date.today
end end
def same_day? def same_day?
start_time.to_date == end_time.to_date start_time.to_date == end_time.to_date
end end


@ -1,3 +1,36 @@
require 'digest/md5'
class User < ActiveRecord::Base class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, authentication_keys: [:login]
#, :registerable, :validatable
has_many :notes has_many :notes
def encrypted_password=(pass)
write_attribute :password, pass
end
def encrypted_password
read_attribute :password
end
def self.find_first_by_auth_conditions(warden_conditions)
conditions = warden_conditions.dup
if login = conditions.delete(:login)
where(conditions).where(["login = :value", { value: login }]).first
else
where(conditions).first
end
end
def valid_password?(password)
encrypted_password == password_digest(password)
end
protected
def password_digest(password)
Digest::MD5.hexdigest password
end
end end
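Review bot: `password_digest` stores an unsalted `Digest::MD5.hexdigest` of the password, so a leaked `password` column is cheap to brute-force offline and equal passwords produce equal digests. If MD5 is needed only for compatibility with accounts that already exist, keep it as a verification-only legacy path and re-hash with Devise's default bcrypt on the next successful sign-in rather than overriding `password_digest` for every new password. `valid_password?` also compares with `==`; `Devise.secure_compare(encrypted_password, password_digest(password))` avoids a timing-dependent comparison. A short comment on the `encrypted_password` accessors noting that the `password` column holds a digest, not plaintext, would help the next reader.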


@ -0,0 +1,9 @@
%h2 Resend confirmation instructions
= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
= devise_error_messages!
%div
= f.label :email
%br/
= f.email_field :email, :autofocus => true
%div= f.submit "Resend confirmation instructions"
= render "devise/shared/links"


@ -0,0 +1,4 @@
%p
Welcome #{@email}!
%p You can confirm your account email through the link below:
%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token)


@ -0,0 +1,6 @@
%p
Hello #{@resource.email}!
%p Someone has requested a link to change your password. You can do this through the link below.
%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token)
%p If you didn't request this, please ignore this email.
%p Your password won't change until you access the link above and create a new one.


@ -0,0 +1,5 @@
%p
Hello #{@resource.email}!
%p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
%p Click the link below to unlock your account:
%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token)


@ -0,0 +1,14 @@
%h2 Change your password
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
= devise_error_messages!
= f.hidden_field :reset_password_token
%div
= f.label :password, "New password"
%br/
= f.password_field :password, :autofocus => true
%div
= f.label :password_confirmation, "Confirm new password"
%br/
= f.password_field :password_confirmation
%div= f.submit "Change my password"
= render "devise/shared/links"


@ -0,0 +1,9 @@
%h2 Forgot your password?
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
= devise_error_messages!
%div
= f.label :email
%br/
= f.email_field :email, :autofocus => true
%div= f.submit "Send me reset password instructions"
= render "devise/shared/links"


@ -0,0 +1,30 @@
%h2
Edit #{resource_name.to_s.humanize}
= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
= devise_error_messages!
%div
= f.label :email
%br/
= f.email_field :email, :autofocus => true
- if devise_mapping.confirmable? && resource.pending_reconfirmation?
%div
Currently waiting confirmation for: #{resource.unconfirmed_email}
%div
= f.label :password
%i (leave blank if you don't want to change it)
%br/
= f.password_field :password, :autocomplete => "off"
%div
= f.label :password_confirmation
%br/
= f.password_field :password_confirmation
%div
= f.label :current_password
%i (we need your current password to confirm your changes)
%br/
= f.password_field :current_password
%div= f.submit "Update"
%h3 Cancel my account
%p
Unhappy? #{button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete}
= link_to "Back", :back


@ -0,0 +1,17 @@
%h2 Sign up
= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
= devise_error_messages!
%div
= f.label :email
%br/
= f.email_field :email, :autofocus => true
%div
= f.label :password
%br/
= f.password_field :password
%div
= f.label :password_confirmation
%br/
= f.password_field :password_confirmation
%div= f.submit "Sign up"
= render "devise/shared/links"


@ -0,0 +1,19 @@
%h2=t '.title'
= form_for resource, as: resource_name, url: session_path(resource_name) do |f|
%div.field
= f.label :login
= f.text_field :login, autofocus: true
%div.field
= f.label :password
= f.password_field :password
- if devise_mapping.rememberable?
%div
= f.check_box :remember_me
= f.label :remember_me
%div= f.submit t('.sign_in')
= render "devise/shared/links"


@ -0,0 +1,19 @@
- if controller_name != 'sessions'
= link_to "Sign in", new_session_path(resource_name)
%br/
- if devise_mapping.registerable? && controller_name != 'registrations'
= link_to "Sign up", new_registration_path(resource_name)
%br/
- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
= link_to "Forgot your password?", new_password_path(resource_name)
%br/
- if devise_mapping.confirmable? && controller_name != 'confirmations'
= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
%br/
- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
%br/
- if devise_mapping.omniauthable?
- resource_class.omniauth_providers.each do |provider|
= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider)
%br/


@ -0,0 +1,9 @@
%h2 Resend unlock instructions
= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
= devise_error_messages!
%div
= f.label :email
%br/
= f.email_field :email, :autofocus => true
%div= f.submit "Resend unlock instructions"
= render "devise/shared/links"


@ -1,4 +1,4 @@
= form_for @event, url: moderation_path(@event) do |f| = form_for @event do |f|
- if @event.errors.any? - if @event.errors.any?
#error_explanation #error_explanation
%h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:" %h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:"
@ -62,7 +62,7 @@
.field .field
= f.label Event.human_attribute_name :region = f.label Event.human_attribute_name :region
= f.select :region, = f.select :region,
options_from_collection_for_select(Region.all, 'id', 'name', @event.region.id) options_from_collection_for_select(Region.all, 'id', 'name', @event.region && @event.region.id)
.field .field
= f.label Event.human_attribute_name :locality = f.label Event.human_attribute_name :locality
= f.select :locality, = f.select :locality,


@ -2,7 +2,7 @@
- if @event && params[:visu] - if @event && params[:visu]
%hr/ %hr/
= render file: 'show' = render file: '/events/show'
%hr/ %hr/
= render 'form' = render 'form'


@ -47,3 +47,5 @@
=t '.posted_by', =t '.posted_by',
author: "#{note.author.firstname} #{note.author.lastname}", author: "#{note.author.firstname} #{note.author.lastname}",
date: l(note.date, format: :at) date: l(note.date, format: :at)
.logout= link_to t('logout'), destroy_user_session_path, method: :delete


@ -4,6 +4,7 @@ fr:
validate: Valider validate: Valider
refuse: Refuser refuse: Refuser
destroy: Supprimer destroy: Supprimer
logout: Se déconnecter
attributes: attributes:
id: ID id: ID
@ -26,7 +27,7 @@ fr:
lug: Gull lug: Gull
attributes: attributes:
user: user:
login: Identifiant login: Login
password: Mot de passe password: Mot de passe
lastname: Nom lastname: Nom
firstname: Prénom firstname: Prénom
@ -145,3 +146,12 @@ fr:
moderation: Modération moderation: Modération
preview: Prévisualisation de l'évènement preview: Prévisualisation de l'évènement
edit: Édition de l'évènement edit: Édition de l'évènement
users:
sign_in:
title: Identification
devise:
sessions:
new:
title: Identification
sign_in: Identifier


@ -11,6 +11,7 @@ AgendaDuLibreRails::Application.routes.draw do
get 'ical.php' => 'events#index', format: :ics get 'ical.php' => 'events#index', format: :ics
get ':format.php' => 'events#index' get ':format.php' => 'events#index'
devise_for :users, path: '', path_names: {sign_in: 'login', sign_out: 'logout'}
devise_for :admin_users, ActiveAdmin::Devise.config devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self) ActiveAdmin.routes(self)


@ -18,7 +18,13 @@ class UsersControllerTest < ActionController::TestCase
test "should create user" do test "should create user" do
assert_difference('User.count') do assert_difference('User.count') do
post :create, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login } post :create, user: {
email: 'original@example.com',
firstname: @user.firstname,
lastname: @user.lastname,
login: @user.login,
password: 'abcdefghijklmnopqrstuvwxyz'
}
end end
assert_redirected_to user_path(assigns(:user)) assert_redirected_to user_path(assigns(:user))
@ -35,7 +41,12 @@ class UsersControllerTest < ActionController::TestCase
end end
test "should update user" do test "should update user" do
patch :update, id: @user, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login } patch :update, id: @user, user: {
email: @user.email,
firstname: @user.firstname,
lastname: @user.lastname,
login: @user.login
}
assert_redirected_to user_path(assigns(:user)) assert_redirected_to user_path(assigns(:user))
end end


@ -1,10 +1,7 @@
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
# This model initially had no columns defined. If you add columns to the
# model remove the '{}' from the fixture names and add the columns immediately
# below each fixture, per the syntax in the comments below
one: one:
email: one@example.com email: one@example.com
firstname: first
lastname: last
login: aNiceLogin
two: two:
email: two@example.com email: two@example.com


@ -1,7 +1,26 @@
require 'test_helper' require 'test_helper'
class UserTest < ActiveSupport::TestCase class UserTest < ActiveSupport::TestCase
test "the truth" do test "basic user" do
assert true @user = User.new(
email: 'original@example.com',
firstname: 'first',
lastname: 'last',
login: 'login',
password: 'abcdefghijklmnopqrstuvwxyz'
)
assert_not_nil @user
assert_equal 'c3fcd3d76192e4007dfb496cca67e13b', @user.encrypted_password
end
test "the password" do
@user = User.new(
email: 'original@example.com',
firstname: 'first',
lastname: 'last',
login: 'login',
password: 'abcdefghijklmnopqrstuvwxyz'
)
assert @user.valid_password? 'abcdefghijklmnopqrstuvwxyz'
end end
end end
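Review bot: The `the password` test asserts only the accepting case, so a `valid_password?` that returned true for any input would still pass; add a rejecting case such as `assert !@user.valid_password?('not the password')`. The `basic user` test pins the literal MD5 digest `c3fcd3d7…`, which ties the suite to the current hashing scheme and will have to change with it. Asserting that `encrypted_password` is present and differs from the plaintext would survive a move to a stronger hash.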