L'authentification avec devise et un hash basique est en place
This commit is contained in:
parent
450f52ef43
commit
68f39cf5d6
|
@ -145,7 +145,7 @@ table.calendar
|
|||
a
|
||||
color: #8F4900
|
||||
|
||||
form
|
||||
.events form
|
||||
.field, .actions
|
||||
text-align: left
|
||||
margin-left: 2px
|
||||
|
|
|
@ -23,7 +23,7 @@ table.list
|
|||
font-weight: normal
|
||||
text-decoration: none
|
||||
&:hover
|
||||
text-shadow: 0px 0px 16px black
|
||||
@include text-shadow(2px 2px 1px lightblue)
|
||||
&:before
|
||||
padding: 0.5em
|
||||
font-size: 20px
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
@import "compass"
|
||||
|
||||
.sessions
|
||||
form
|
||||
margin: 1em auto
|
||||
display: inline-block
|
||||
.field, .actions
|
||||
text-align: left
|
||||
margin-left: 2px
|
||||
margin-bottom: 2px !important
|
||||
*
|
||||
vertical-align: middle
|
||||
p.helper
|
||||
margin: 1px 5px 1px 6.6em
|
||||
line-height: 0.9em
|
||||
label
|
||||
width: 8em
|
||||
display: inline-block
|
||||
text-align: right
|
||||
&:after
|
||||
content: ':'
|
||||
input, textarea, select
|
||||
color: black
|
||||
margin: 3px 0
|
||||
border: 1px solid #868686
|
||||
padding: 0.2em 0.8em
|
||||
font-size: larger
|
||||
font-family: georgia, serif
|
||||
background-color: #FFB
|
||||
@include border-radius(0.8em)
|
||||
&:focus
|
||||
background-color: #F0F8FF !important
|
||||
input[type=submit]
|
||||
border: none
|
||||
font-size: x-large
|
||||
@include box-shadow(0 0 1em lightblue)
|
||||
@include text-shadow(1px 1px 1px white)
|
||||
.actions
|
||||
margin-left: 6.75em
|
||||
margin-bottom: 10px
|
||||
|
||||
.logout
|
||||
margin: 2em auto
|
|
@ -36,8 +36,8 @@ class EventsController < InheritedResources::Base
|
|||
# This is a special case, required to handle the region attribute with same foreign key name
|
||||
@event.region = Region.find(params[:event][:region])
|
||||
|
||||
if (params[:visu])
|
||||
render action: 'new'
|
||||
if params[:visu]
|
||||
render action: :new
|
||||
return
|
||||
end
|
||||
|
||||
|
@ -57,7 +57,7 @@ class EventsController < InheritedResources::Base
|
|||
def update
|
||||
if params[:visu]
|
||||
@event.attributes = params[:event]
|
||||
render action: 'edit'
|
||||
render action: :edit
|
||||
return
|
||||
end
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
class ModerationsController < InheritedResources::Base
|
||||
before_filter :authenticate_user!
|
||||
before_action :set_event, only: [:show, :edit, :update, :destroy]
|
||||
|
||||
def index
|
||||
|
|
|
@ -69,6 +69,6 @@ class UsersController < ApplicationController
|
|||
|
||||
# Never trust parameters from the scary internet, only allow the white list through.
|
||||
def user_params
|
||||
params.require(:user).permit(:login, :email, :lastname, :firstname)
|
||||
params.require(:user).permit(:login, :email, :lastname, :firstname, :password)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -29,7 +29,6 @@ class Event < ActiveRecord::Base
|
|||
self.decision_time = Date.today
|
||||
end
|
||||
|
||||
|
||||
def same_day?
|
||||
start_time.to_date == end_time.to_date
|
||||
end
|
||||
|
|
|
@ -1,3 +1,36 @@
|
|||
require 'digest/md5'
|
||||
|
||||
class User < ActiveRecord::Base
|
||||
# Include default devise modules. Others available are:
|
||||
# :confirmable, :lockable, :timeoutable and :omniauthable
|
||||
devise :database_authenticatable, authentication_keys: [:login]
|
||||
#, :registerable, :validatable
|
||||
|
||||
has_many :notes
|
||||
|
||||
def encrypted_password=(pass)
|
||||
write_attribute :password, pass
|
||||
end
|
||||
|
||||
def encrypted_password
|
||||
read_attribute :password
|
||||
end
|
||||
|
||||
def self.find_first_by_auth_conditions(warden_conditions)
|
||||
conditions = warden_conditions.dup
|
||||
if login = conditions.delete(:login)
|
||||
where(conditions).where(["login = :value", { value: login }]).first
|
||||
else
|
||||
where(conditions).first
|
||||
end
|
||||
end
|
||||
|
||||
def valid_password?(password)
|
||||
encrypted_password == password_digest(password)
|
||||
end
|
||||
|
||||
protected
|
||||
def password_digest(password)
|
||||
Digest::MD5.hexdigest password
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
%h2 Resend confirmation instructions
|
||||
= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
|
||||
= devise_error_messages!
|
||||
%div
|
||||
= f.label :email
|
||||
%br/
|
||||
= f.email_field :email, :autofocus => true
|
||||
%div= f.submit "Resend confirmation instructions"
|
||||
= render "devise/shared/links"
|
|
@ -0,0 +1,4 @@
|
|||
%p
|
||||
Welcome #{@email}!
|
||||
%p You can confirm your account email through the link below:
|
||||
%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token)
|
|
@ -0,0 +1,6 @@
|
|||
%p
|
||||
Hello #{@resource.email}!
|
||||
%p Someone has requested a link to change your password. You can do this through the link below.
|
||||
%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token)
|
||||
%p If you didn't request this, please ignore this email.
|
||||
%p Your password won't change until you access the link above and create a new one.
|
|
@ -0,0 +1,5 @@
|
|||
%p
|
||||
Hello #{@resource.email}!
|
||||
%p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
|
||||
%p Click the link below to unlock your account:
|
||||
%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token)
|
|
@ -0,0 +1,14 @@
|
|||
%h2 Change your password
|
||||
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
|
||||
= devise_error_messages!
|
||||
= f.hidden_field :reset_password_token
|
||||
%div
|
||||
= f.label :password, "New password"
|
||||
%br/
|
||||
= f.password_field :password, :autofocus => true
|
||||
%div
|
||||
= f.label :password_confirmation, "Confirm new password"
|
||||
%br/
|
||||
= f.password_field :password_confirmation
|
||||
%div= f.submit "Change my password"
|
||||
= render "devise/shared/links"
|
|
@ -0,0 +1,9 @@
|
|||
%h2 Forgot your password?
|
||||
= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
|
||||
= devise_error_messages!
|
||||
%div
|
||||
= f.label :email
|
||||
%br/
|
||||
= f.email_field :email, :autofocus => true
|
||||
%div= f.submit "Send me reset password instructions"
|
||||
= render "devise/shared/links"
|
|
@ -0,0 +1,30 @@
|
|||
%h2
|
||||
Edit #{resource_name.to_s.humanize}
|
||||
= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
|
||||
= devise_error_messages!
|
||||
%div
|
||||
= f.label :email
|
||||
%br/
|
||||
= f.email_field :email, :autofocus => true
|
||||
- if devise_mapping.confirmable? && resource.pending_reconfirmation?
|
||||
%div
|
||||
Currently waiting confirmation for: #{resource.unconfirmed_email}
|
||||
%div
|
||||
= f.label :password
|
||||
%i (leave blank if you don't want to change it)
|
||||
%br/
|
||||
= f.password_field :password, :autocomplete => "off"
|
||||
%div
|
||||
= f.label :password_confirmation
|
||||
%br/
|
||||
= f.password_field :password_confirmation
|
||||
%div
|
||||
= f.label :current_password
|
||||
%i (we need your current password to confirm your changes)
|
||||
%br/
|
||||
= f.password_field :current_password
|
||||
%div= f.submit "Update"
|
||||
%h3 Cancel my account
|
||||
%p
|
||||
Unhappy? #{button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete}
|
||||
= link_to "Back", :back
|
|
@ -0,0 +1,17 @@
|
|||
%h2 Sign up
|
||||
= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
|
||||
= devise_error_messages!
|
||||
%div
|
||||
= f.label :email
|
||||
%br/
|
||||
= f.email_field :email, :autofocus => true
|
||||
%div
|
||||
= f.label :password
|
||||
%br/
|
||||
= f.password_field :password
|
||||
%div
|
||||
= f.label :password_confirmation
|
||||
%br/
|
||||
= f.password_field :password_confirmation
|
||||
%div= f.submit "Sign up"
|
||||
= render "devise/shared/links"
|
|
@ -0,0 +1,19 @@
|
|||
%h2=t '.title'
|
||||
|
||||
= form_for resource, as: resource_name, url: session_path(resource_name) do |f|
|
||||
%div.field
|
||||
= f.label :login
|
||||
= f.text_field :login, autofocus: true
|
||||
|
||||
%div.field
|
||||
= f.label :password
|
||||
= f.password_field :password
|
||||
|
||||
- if devise_mapping.rememberable?
|
||||
%div
|
||||
= f.check_box :remember_me
|
||||
= f.label :remember_me
|
||||
|
||||
%div= f.submit t('.sign_in')
|
||||
|
||||
= render "devise/shared/links"
|
|
@ -0,0 +1,19 @@
|
|||
- if controller_name != 'sessions'
|
||||
= link_to "Sign in", new_session_path(resource_name)
|
||||
%br/
|
||||
- if devise_mapping.registerable? && controller_name != 'registrations'
|
||||
= link_to "Sign up", new_registration_path(resource_name)
|
||||
%br/
|
||||
- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
|
||||
= link_to "Forgot your password?", new_password_path(resource_name)
|
||||
%br/
|
||||
- if devise_mapping.confirmable? && controller_name != 'confirmations'
|
||||
= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
|
||||
%br/
|
||||
- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
|
||||
= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
|
||||
%br/
|
||||
- if devise_mapping.omniauthable?
|
||||
- resource_class.omniauth_providers.each do |provider|
|
||||
= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider)
|
||||
%br/
|
|
@ -0,0 +1,9 @@
|
|||
%h2 Resend unlock instructions
|
||||
= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
|
||||
= devise_error_messages!
|
||||
%div
|
||||
= f.label :email
|
||||
%br/
|
||||
= f.email_field :email, :autofocus => true
|
||||
%div= f.submit "Resend unlock instructions"
|
||||
= render "devise/shared/links"
|
|
@ -1,4 +1,4 @@
|
|||
= form_for @event, url: moderation_path(@event) do |f|
|
||||
= form_for @event do |f|
|
||||
- if @event.errors.any?
|
||||
#error_explanation
|
||||
%h2= "#{pluralize(@event.errors.count, "error")} prohibited this event from being saved:"
|
||||
|
@ -62,7 +62,7 @@
|
|||
.field
|
||||
= f.label Event.human_attribute_name :region
|
||||
= f.select :region,
|
||||
options_from_collection_for_select(Region.all, 'id', 'name', @event.region.id)
|
||||
options_from_collection_for_select(Region.all, 'id', 'name', @event.region && @event.region.id)
|
||||
.field
|
||||
= f.label Event.human_attribute_name :locality
|
||||
= f.select :locality,
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- if @event && params[:visu]
|
||||
%hr/
|
||||
= render file: 'show'
|
||||
= render file: '/events/show'
|
||||
%hr/
|
||||
|
||||
= render 'form'
|
||||
|
|
|
@ -47,3 +47,5 @@
|
|||
=t '.posted_by',
|
||||
author: "#{note.author.firstname} #{note.author.lastname}",
|
||||
date: l(note.date, format: :at)
|
||||
|
||||
.logout= link_to t('logout'), destroy_user_session_path, method: :delete
|
||||
|
|
|
@ -4,6 +4,7 @@ fr:
|
|||
validate: Valider
|
||||
refuse: Refuser
|
||||
destroy: Supprimer
|
||||
logout: Se déconnecter
|
||||
|
||||
attributes:
|
||||
id: ID
|
||||
|
@ -26,7 +27,7 @@ fr:
|
|||
lug: Gull
|
||||
attributes:
|
||||
user:
|
||||
login: Identifiant
|
||||
login: Login
|
||||
password: Mot de passe
|
||||
lastname: Nom
|
||||
firstname: Prénom
|
||||
|
@ -145,3 +146,12 @@ fr:
|
|||
moderation: Modération
|
||||
preview: Prévisualisation de l'évènement
|
||||
edit: Édition de l'évènement
|
||||
users:
|
||||
sign_in:
|
||||
title: Identification
|
||||
|
||||
devise:
|
||||
sessions:
|
||||
new:
|
||||
title: Identification
|
||||
sign_in: Identifier
|
||||
|
|
|
@ -11,6 +11,7 @@ AgendaDuLibreRails::Application.routes.draw do
|
|||
get 'ical.php' => 'events#index', format: :ics
|
||||
get ':format.php' => 'events#index'
|
||||
|
||||
devise_for :users, path: '', path_names: {sign_in: 'login', sign_out: 'logout'}
|
||||
devise_for :admin_users, ActiveAdmin::Devise.config
|
||||
ActiveAdmin.routes(self)
|
||||
|
||||
|
|
|
@ -18,7 +18,13 @@ class UsersControllerTest < ActionController::TestCase
|
|||
|
||||
test "should create user" do
|
||||
assert_difference('User.count') do
|
||||
post :create, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
|
||||
post :create, user: {
|
||||
email: 'original@example.com',
|
||||
firstname: @user.firstname,
|
||||
lastname: @user.lastname,
|
||||
login: @user.login,
|
||||
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||
}
|
||||
end
|
||||
|
||||
assert_redirected_to user_path(assigns(:user))
|
||||
|
@ -35,7 +41,12 @@ class UsersControllerTest < ActionController::TestCase
|
|||
end
|
||||
|
||||
test "should update user" do
|
||||
patch :update, id: @user, user: { email: @user.email, firstname: @user.firstname, lastname: @user.lastname, login: @user.login }
|
||||
patch :update, id: @user, user: {
|
||||
email: @user.email,
|
||||
firstname: @user.firstname,
|
||||
lastname: @user.lastname,
|
||||
login: @user.login
|
||||
}
|
||||
assert_redirected_to user_path(assigns(:user))
|
||||
end
|
||||
|
||||
|
|
|
@ -1,10 +1,7 @@
|
|||
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
|
||||
|
||||
# This model initially had no columns defined. If you add columns to the
|
||||
# model remove the '{}' from the fixture names and add the columns immediately
|
||||
# below each fixture, per the syntax in the comments below
|
||||
|
||||
one:
|
||||
email: one@example.com
|
||||
firstname: first
|
||||
lastname: last
|
||||
login: aNiceLogin
|
||||
two:
|
||||
email: two@example.com
|
||||
|
|
|
@ -1,7 +1,26 @@
|
|||
require 'test_helper'
|
||||
|
||||
class UserTest < ActiveSupport::TestCase
|
||||
test "the truth" do
|
||||
assert true
|
||||
test "basic user" do
|
||||
@user = User.new(
|
||||
email: 'original@example.com',
|
||||
firstname: 'first',
|
||||
lastname: 'last',
|
||||
login: 'login',
|
||||
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||
)
|
||||
assert_not_nil @user
|
||||
assert_equal 'c3fcd3d76192e4007dfb496cca67e13b', @user.encrypted_password
|
||||
end
|
||||
|
||||
test "the password" do
|
||||
@user = User.new(
|
||||
email: 'original@example.com',
|
||||
firstname: 'first',
|
||||
lastname: 'last',
|
||||
login: 'login',
|
||||
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||
)
|
||||
assert @user.valid_password? 'abcdefghijklmnopqrstuvwxyz'
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue