L'authentification avec devise et un hash basique est en place
parent
450f52ef43
commit
68f39cf5d6
|
@ -145,7 +145,7 @@ table.calendar
|
||||||
a
|
a
|
||||||
color: #8F4900
|
color: #8F4900
|
||||||
|
|
||||||
form
|
.events form
|
||||||
.field, .actions
|
.field, .actions
|
||||||
text-align: left
|
text-align: left
|
||||||
margin-left: 2px
|
margin-left: 2px
|
||||||
|
|
|
@ -23,7 +23,7 @@ table.list
|
||||||
font-weight: normal
|
font-weight: normal
|
||||||
text-decoration: none
|
text-decoration: none
|
||||||
&:hover
|
&:hover
|
||||||
text-shadow: 0px 0px 16px black
|
@include text-shadow(2px 2px 1px lightblue)
|
||||||
&:before
|
&:before
|
||||||
padding: 0.5em
|
padding: 0.5em
|
||||||
font-size: 20px
|
font-size: 20px
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
@import "compass"
|
||||||
|
|
||||||
|
.sessions
|
||||||
|
form
|
||||||
|
margin: 1em auto
|
||||||
|
display: inline-block
|
||||||
|
.field, .actions
|
||||||
|
text-align: left
|
||||||
|
margin-left: 2px
|
||||||
|
margin-bottom: 2px !important
|
||||||
|
*
|
||||||
|
vertical-align: middle
|
||||||
|
p.helper
|
||||||
|
margin: 1px 5px 1px 6.6em
|
||||||
|
line-height: 0.9em
|
||||||
|
label
|
||||||
|
width: 8em
|
||||||
|
display: inline-block
|
||||||
|
text-align: right
|
||||||
|
&:after
|
||||||
|
content: ':'
|
||||||
|
input, textarea, select
|
||||||
|
color: black
|
||||||
|
margin: 3px 0
|
||||||
|
border: 1px solid #868686
|
||||||
|
padding: 0.2em 0.8em
|
||||||
|
font-size: larger
|
||||||
|
font-family: georgia, serif
|
||||||
|
background-color: #FFB
|
||||||
|
@include border-radius(0.8em)
|
||||||
|
&:focus
|
||||||
|
background-color: #F0F8FF !important
|
||||||
|
input[type=submit]
|
||||||
|
border: none
|
||||||
|
font-size: x-large
|
||||||
|
@include box-shadow(0 0 1em lightblue)
|
||||||
|
@include text-shadow(1px 1px 1px white)
|
||||||
|
.actions
|
||||||
|
margin-left: 6.75em
|
||||||
|
margin-bottom: 10px
|
||||||
|
|
||||||
|
.logout
|
||||||
|
margin: 2em auto
|
|
@ -36,8 +36,8 @@ class EventsController < InheritedResources::Base
|
||||||
# This is a special case, required to handle the region attribute with same foreign key name
|
# This is a special case, required to handle the region attribute with same foreign key name
|
||||||
@event.region = Region.find(params[:event][:region])
|
@event.region = Region.find(params[:event][:region])
|
||||||
|
|
||||||
if (params[:visu])
|
if params[:visu]
|
||||||
render action: 'new'
|
render action: :new
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -57,7 +57,7 @@ class EventsController < InheritedResources::Base
|
||||||
def update
|
def update
|
||||||
if params[:visu]
|
if params[:visu]
|
||||||
@event.attributes = params[:event]
|
@event.attributes = params[:event]
|
||||||
render action: 'edit'
|
render action: :edit
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
class ModerationsController < InheritedResources::Base
|
class ModerationsController < InheritedResources::Base
|
||||||
|
before_filter :authenticate_user!
|
||||||
before_action :set_event, only: [:show, :edit, :update, :destroy]
|
before_action :set_event, only: [:show, :edit, :update, :destroy]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
|
|
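Review bot: The new `before_filter :authenticate_user!` sits directly above `before_action :set_event`, so the class now mixes two spellings of the same callback macro; `before_action :authenticate_user!` would match the line below it. The filter only establishes that somebody is signed in. Nothing in this hunk checks that the signed-in user is allowed to moderate, so every account in the users table gets moderation rights. If that is intended, a comment such as `# Any authenticated user is a moderator` above the filter would record the decision. The class body continues outside the hunk.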
|
@ -69,6 +69,6 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# Never trust parameters from the scary internet, only allow the white list through.
|
# Never trust parameters from the scary internet, only allow the white list through.
|
||||||
def user_params
|
def user_params
|
||||||
params.require(:user).permit(:login, :email, :lastname, :firstname)
|
params.require(:user).permit(:login, :email, :lastname, :firstname, :password)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
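Review bot: Adding `:password` to the `permit` list in `user_params` makes the password settable through every action that uses this method, and the hunk shows no authentication on the controller. The controller test in this commit posts to `create` and patches `update` without signing in, which suggests there is none. As written, an update request carrying `user[password]` would replace the stored digest without the current password being checked. Consider guarding the controller with `before_action :authenticate_user!` and permitting `:password` only on create, or requiring the current password on update. The rest of the class is outside the hunk, so confirm against the filters defined there.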
|
@ -29,7 +29,6 @@ class Event < ActiveRecord::Base
|
||||||
self.decision_time = Date.today
|
self.decision_time = Date.today
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
def same_day?
|
def same_day?
|
||||||
start_time.to_date == end_time.to_date
|
start_time.to_date == end_time.to_date
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,3 +1,36 @@
|
||||||
|
require 'digest/md5'
|
||||||
|
|
||||||
class User < ActiveRecord::Base
|
class User < ActiveRecord::Base
|
||||||
|
# Include default devise modules. Others available are:
|
||||||
|
# :confirmable, :lockable, :timeoutable and :omniauthable
|
||||||
|
devise :database_authenticatable, authentication_keys: [:login]
|
||||||
|
#, :registerable, :validatable
|
||||||
|
|
||||||
has_many :notes
|
has_many :notes
|
||||||
|
|
||||||
|
def encrypted_password=(pass)
|
||||||
|
write_attribute :password, pass
|
||||||
|
end
|
||||||
|
|
||||||
|
def encrypted_password
|
||||||
|
read_attribute :password
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.find_first_by_auth_conditions(warden_conditions)
|
||||||
|
conditions = warden_conditions.dup
|
||||||
|
if login = conditions.delete(:login)
|
||||||
|
where(conditions).where(["login = :value", { value: login }]).first
|
||||||
|
else
|
||||||
|
where(conditions).first
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def valid_password?(password)
|
||||||
|
encrypted_password == password_digest(password)
|
||||||
|
end
|
||||||
|
|
||||||
|
protected
|
||||||
|
def password_digest(password)
|
||||||
|
Digest::MD5.hexdigest password
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
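Review bot: `password_digest` replaces Devise's default digest with `Digest::MD5.hexdigest password`, so the `password` column holds an unsalted, single-round MD5: identical passwords share a digest, and a leaked table can be tested against guesses at very high speed. `valid_password?` also compares the digests with `==` rather than `Devise.secure_compare`, and it raises instead of returning false when the password is nil. If MD5 is there only for compatibility with existing rows, drop the `password_digest` override and keep the MD5 check as a fallback that re-hashes with Devise's default on the first successful login, as sketched below. The column width is not visible in this commit and must be able to hold the longer hash. Separately, `if login = conditions.delete(:login)` reads like a mistyped comparison, and `where(conditions).where(login: login).first` would express the lookup more directly.

```ruby
# … unchanged: devise declaration, encrypted_password accessors, find_first_by_auth_conditions …

  def valid_password?(password)
    return false if password.blank? || encrypted_password.blank?

    # Rows written before the migration hold a 32-character MD5 hex digest;
    # anything else is left to Devise's own verification.
    return super unless encrypted_password =~ /\A\h{32}\z/
    return false unless Devise.secure_compare(encrypted_password, Digest::MD5.hexdigest(password))

    # The plaintext is known at this point, so store it again with Devise's default digest.
    self.password = password
    save(validate: false)
    true
  end

# … removed: the password_digest override, so Devise's default digest applies …
```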
|
@ -0,0 +1,9 @@
|
||||||
|
%h2 Resend confirmation instructions
|
||||||
|
= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
%div
|
||||||
|
= f.label :email
|
||||||
|
%br/
|
||||||
|
= f.email_field :email, :autofocus => true
|
||||||
|
%div= f.submit "Resend confirmation instructions"
|
||||||
|
= render "devise/shared/links"
|
|
@ -0,0 +1,4 @@
|
||||||
|
%p
|
||||||
|
Welcome #{@email}!
|
||||||
|
%p You can confirm your account email through the link below:
|
||||||
|
%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token)
|
|
@ -0,0 +1,6 @@
|
||||||
|
%p
|
||||||
|
Hello #{@resource.email}!
|
||||||
|
%p Someone has requested a link to change your password. You can do this through the link below.
|
||||||
|
%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token)
|
||||||
|
%p If you didn't request this, please ignore this email.
|
||||||
|
%p Your password won't change until you access the link above and create a new one.
|
|
@ -0,0 +1,5 @@
|
||||||
|
%p
|
||||||
|
Hello #{@resource.email}!
|
||||||
|
%p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
|
||||||
|
%p Click the link below to unlock your account:
|
||||||
|
%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token)
|
|
@ -0,0 +1,14 @@
|
||||||
|
%h2 Change your password
|
||||||
|
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
= f.hidden_field :reset_password_token
|
||||||
|
%div
|
||||||
|
= f.label :password, "New password"
|
||||||
|
%br/
|
||||||
|
= f.password_field :password, :autofocus => true
|
||||||
|
%div
|
||||||
|
= f.label :password_confirmation, "Confirm new password"
|
||||||
|
%br/
|
||||||
|
= f.password_field :password_confirmation
|
||||||
|
%div= f.submit "Change my password"
|
||||||
|
= render "devise/shared/links"
|
|
@ -0,0 +1,9 @@
|
||||||
|
%h2 Forgot your password?
|
||||||
|
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
%div
|
||||||
|
= f.label :email
|
||||||
|
%br/
|
||||||
|
= f.email_field :email, :autofocus => true
|
||||||
|
%div= f.submit "Send me reset password instructions"
|
||||||
|
= render "devise/shared/links"
|
|
@ -0,0 +1,30 @@
|
||||||
|
%h2
|
||||||
|
Edit #{resource_name.to_s.humanize}
|
||||||
|
= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
%div
|
||||||
|
= f.label :email
|
||||||
|
%br/
|
||||||
|
= f.email_field :email, :autofocus => true
|
||||||
|
- if devise_mapping.confirmable? && resource.pending_reconfirmation?
|
||||||
|
%div
|
||||||
|
Currently waiting confirmation for: #{resource.unconfirmed_email}
|
||||||
|
%div
|
||||||
|
= f.label :password
|
||||||
|
%i (leave blank if you don't want to change it)
|
||||||
|
%br/
|
||||||
|
= f.password_field :password, :autocomplete => "off"
|
||||||
|
%div
|
||||||
|
= f.label :password_confirmation
|
||||||
|
%br/
|
||||||
|
= f.password_field :password_confirmation
|
||||||
|
%div
|
||||||
|
= f.label :current_password
|
||||||
|
%i (we need your current password to confirm your changes)
|
||||||
|
%br/
|
||||||
|
= f.password_field :current_password
|
||||||
|
%div= f.submit "Update"
|
||||||
|
%h3 Cancel my account
|
||||||
|
%p
|
||||||
|
Unhappy? #{button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete}
|
||||||
|
= link_to "Back", :back
|
|
@ -0,0 +1,17 @@
|
||||||
|
%h2 Sign up
|
||||||
|
= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
%div
|
||||||
|
= f.label :email
|
||||||
|
%br/
|
||||||
|
= f.email_field :email, :autofocus => true
|
||||||
|
%div
|
||||||
|
= f.label :password
|
||||||
|
%br/
|
||||||
|
= f.password_field :password
|
||||||
|
%div
|
||||||
|
= f.label :password_confirmation
|
||||||
|
%br/
|
||||||
|
= f.password_field :password_confirmation
|
||||||
|
%div= f.submit "Sign up"
|
||||||
|
= render "devise/shared/links"
|
|
@ -0,0 +1,19 @@
|
||||||
|
%h2=t '.title'
|
||||||
|
|
||||||
|
= form_for resource, as: resource_name, url: session_path(resource_name) do |f|
|
||||||
|
%div.field
|
||||||
|
= f.label :login
|
||||||
|
= f.text_field :login, autofocus: true
|
||||||
|
|
||||||
|
%div.field
|
||||||
|
= f.label :password
|
||||||
|
= f.password_field :password
|
||||||
|
|
||||||
|
- if devise_mapping.rememberable?
|
||||||
|
%div
|
||||||
|
= f.check_box :remember_me
|
||||||
|
= f.label :remember_me
|
||||||
|
|
||||||
|
%div= f.submit t('.sign_in')
|
||||||
|
|
||||||
|
= render "devise/shared/links"
|
|
@ -0,0 +1,19 @@
|
||||||
|
- if controller_name != 'sessions'
|
||||||
|
= link_to "Sign in", new_session_path(resource_name)
|
||||||
|
%br/
|
||||||
|
- if devise_mapping.registerable? && controller_name != 'registrations'
|
||||||
|
= link_to "Sign up", new_registration_path(resource_name)
|
||||||
|
%br/
|
||||||
|
- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
|
||||||
|
= link_to "Forgot your password?", new_password_path(resource_name)
|
||||||
|
%br/
|
||||||
|
- if devise_mapping.confirmable? && controller_name != 'confirmations'
|
||||||
|
= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
|
||||||
|
%br/
|
||||||
|
- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
|
||||||
|
= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
|
||||||
|
%br/
|
||||||
|
- if devise_mapping.omniauthable?
|
||||||
|
- resource_class.omniauth_providers.each do |provider|
|
||||||
|
= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider)
|
||||||
|
%br/
|
|
@ -0,0 +1,9 @@
|
||||||
|
%h2 Resend unlock instructions
|
||||||
|
= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
|
||||||
|
= devise_error_messages!
|
||||||
|
%div
|
||||||
|
= f.label :email
|
||||||
|
%br/
|
||||||
|
= f.email_field :email, :autofocus => true
|
||||||
|
%div= f.submit "Resend unlock instructions"
|
||||||
|
= render "devise/shared/links"
|
|
@ -1,4 +1,4 @@
|
||||||
= form_for @event, url: moderation_path(@event) do |f|
|
= form_for @event do |f|
|
||||||
- if @event.errors.any?
|
- if @event.errors.any?
|
||||||
#error_explanation
|
#error_explanation
|
||||||
%h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:"
|
%h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:"
|
||||||
|
@ -62,7 +62,7 @@
|
||||||
.field
|
.field
|
||||||
= f.label Event.human_attribute_name :region
|
= f.label Event.human_attribute_name :region
|
||||||
= f.select :region,
|
= f.select :region,
|
||||||
options_from_collection_for_select(Region.all, 'id', 'name', @event.region.id)
|
options_from_collection_for_select(Region.all, 'id', 'name', @event.region && @event.region.id)
|
||||||
.field
|
.field
|
||||||
= f.label Event.human_attribute_name :locality
|
= f.label Event.human_attribute_name :locality
|
||||||
= f.select :locality,
|
= f.select :locality,
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
- if @event && params[:visu]
|
- if @event && params[:visu]
|
||||||
%hr/
|
%hr/
|
||||||
= render file: 'show'
|
= render file: '/events/show'
|
||||||
%hr/
|
%hr/
|
||||||
|
|
||||||
= render 'form'
|
= render 'form'
|
||||||
|
|
|
@ -47,3 +47,5 @@
|
||||||
=t '.posted_by',
|
=t '.posted_by',
|
||||||
author: "#{note.author.firstname} #{note.author.lastname}",
|
author: "#{note.author.firstname} #{note.author.lastname}",
|
||||||
date: l(note.date, format: :at)
|
date: l(note.date, format: :at)
|
||||||
|
|
||||||
|
.logout= link_to t('logout'), destroy_user_session_path, method: :delete
|
||||||
|
|
|
@ -4,6 +4,7 @@ fr:
|
||||||
validate: Valider
|
validate: Valider
|
||||||
refuse: Refuser
|
refuse: Refuser
|
||||||
destroy: Supprimer
|
destroy: Supprimer
|
||||||
|
logout: Se déconnecter
|
||||||
|
|
||||||
attributes:
|
attributes:
|
||||||
id: ID
|
id: ID
|
||||||
|
@ -26,7 +27,7 @@ fr:
|
||||||
lug: Gull
|
lug: Gull
|
||||||
attributes:
|
attributes:
|
||||||
user:
|
user:
|
||||||
login: Identifiant
|
login: Login
|
||||||
password: Mot de passe
|
password: Mot de passe
|
||||||
lastname: Nom
|
lastname: Nom
|
||||||
firstname: Prénom
|
firstname: Prénom
|
||||||
|
@ -145,3 +146,12 @@ fr:
|
||||||
moderation: Modération
|
moderation: Modération
|
||||||
preview: Prévisualisation de l'évènement
|
preview: Prévisualisation de l'évènement
|
||||||
edit: Édition de l'évènement
|
edit: Édition de l'évènement
|
||||||
|
users:
|
||||||
|
sign_in:
|
||||||
|
title: Identification
|
||||||
|
|
||||||
|
devise:
|
||||||
|
sessions:
|
||||||
|
new:
|
||||||
|
title: Identification
|
||||||
|
sign_in: Identifier
|
||||||
|
|
|
@ -11,6 +11,7 @@ AgendaDuLibreRails::Application.routes.draw do
|
||||||
get 'ical.php' => 'events#index', format: :ics
|
get 'ical.php' => 'events#index', format: :ics
|
||||||
get ':format.php' => 'events#index'
|
get ':format.php' => 'events#index'
|
||||||
|
|
||||||
|
devise_for :users, path: '', path_names: {sign_in: 'login', sign_out: 'logout'}
|
||||||
devise_for :admin_users, ActiveAdmin::Devise.config
|
devise_for :admin_users, ActiveAdmin::Devise.config
|
||||||
ActiveAdmin.routes(self)
|
ActiveAdmin.routes(self)
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,13 @@ class UsersControllerTest < ActionController::TestCase
|
||||||
|
|
||||||
test "should create user" do
|
test "should create user" do
|
||||||
assert_difference('User.count') do
|
assert_difference('User.count') do
|
||||||
post :create, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
|
post :create, user: {
|
||||||
|
email: 'original@example.com',
|
||||||
|
firstname: @user.firstname,
|
||||||
|
lastname: @user.lastname,
|
||||||
|
login: @user.login,
|
||||||
|
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||||
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
assert_redirected_to user_path(assigns(:user))
|
assert_redirected_to user_path(assigns(:user))
|
||||||
|
@ -35,7 +41,12 @@ class UsersControllerTest < ActionController::TestCase
|
||||||
end
|
end
|
||||||
|
|
||||||
test "should update user" do
|
test "should update user" do
|
||||||
patch :update, id: @user, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
|
patch :update, id: @user, user: {
|
||||||
|
email: @user.email,
|
||||||
|
firstname: @user.firstname,
|
||||||
|
lastname: @user.lastname,
|
||||||
|
login: @user.login
|
||||||
|
}
|
||||||
assert_redirected_to user_path(assigns(:user))
|
assert_redirected_to user_path(assigns(:user))
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,7 @@
|
||||||
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
|
|
||||||
|
|
||||||
# This model initially had no columns defined. If you add columns to the
|
|
||||||
# model remove the '{}' from the fixture names and add the columns immediately
|
|
||||||
# below each fixture, per the syntax in the comments below
|
|
||||||
|
|
||||||
one:
|
one:
|
||||||
email: one@example.com
|
email: one@example.com
|
||||||
|
firstname: first
|
||||||
|
lastname: last
|
||||||
|
login: aNiceLogin
|
||||||
two:
|
two:
|
||||||
email: two@example.com
|
email: two@example.com
|
||||||
|
|
|
@ -1,7 +1,26 @@
|
||||||
require 'test_helper'
|
require 'test_helper'
|
||||||
|
|
||||||
class UserTest < ActiveSupport::TestCase
|
class UserTest < ActiveSupport::TestCase
|
||||||
test "the truth" do
|
test "basic user" do
|
||||||
assert true
|
@user = User.new(
|
||||||
|
email: 'original@example.com',
|
||||||
|
firstname: 'first',
|
||||||
|
lastname: 'last',
|
||||||
|
login: 'login',
|
||||||
|
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||||
|
)
|
||||||
|
assert_not_nil @user
|
||||||
|
assert_equal 'c3fcd3d76192e4007dfb496cca67e13b', @user.encrypted_password
|
||||||
|
end
|
||||||
|
|
||||||
|
test "the password" do
|
||||||
|
@user = User.new(
|
||||||
|
email: 'original@example.com',
|
||||||
|
firstname: 'first',
|
||||||
|
lastname: 'last',
|
||||||
|
login: 'login',
|
||||||
|
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||||
|
)
|
||||||
|
assert @user.valid_password? 'abcdefghijklmnopqrstuvwxyz'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
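Review bot: The "the password" test only asserts that the correct password is accepted, so a `valid_password?` that returned true for every input would still pass; add the negative case, `assert !@user.valid_password?('not the password')`. The "basic user" test pins `encrypted_password` to the literal MD5 hex digest of the test password, which ties the suite to the hash function. Asserting that the stored value differs from the plaintext and that `valid_password?` round-trips would keep the test meaningful if the digest is later replaced.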