Commit 8b95925b authored by pei-chi.huang's avatar pei-chi.huang

Merge branch '28-devise-integration' into 'init19'

Resolve "devise integration"

Closes #28

See merge request !19
parents e09b9ba2 c6f0bef8
......@@ -6,6 +6,8 @@ gem 'rails', '~> 5.0.0'
gem 'bcrypt','~>3.1.11'
gem 'devise'
gem 'will_paginate', '~> 3.1.0'
gem 'bootstrap-will_paginate', '~> 0.0.10'
gem 'font-awesome-rails'
......
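Review bot: `gem 'devise'` is added without a version constraint, while the neighbouring `rails`, `bcrypt` and `will_paginate` entries are pinned with `~>`. The lockfile in this commit resolves it to 4.7.1, but a later `bundle update` could move the authentication layer across a major version without anyone deciding to. Consider `gem 'devise', '~> 4.7', '>= 4.7.1'` so upgrades of this gem are deliberate and reviewed.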
......@@ -92,6 +92,12 @@ GEM
delayed_job_active_record (4.1.4)
activerecord (>= 3.0, < 6.1)
delayed_job (>= 3.0, < 5)
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
dotenv (2.7.5)
dotenv-rails (2.7.5)
dotenv (= 2.7.5)
......@@ -136,6 +142,7 @@ GEM
nio4r (2.5.2)
nokogiri (1.10.5)
mini_portile2 (~> 2.4.0)
orm_adapter (0.5.0)
pdf-core (0.7.0)
pg (1.1.4)
prawn (2.2.2)
......@@ -174,6 +181,9 @@ GEM
rb-fsevent (0.10.3)
rb-inotify (0.10.0)
ffi (~> 1.0)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
rubyzip (2.0.0)
sablon (0.3.2)
nokogiri (>= 1.8.5)
......@@ -217,6 +227,8 @@ GEM
unicorn (5.5.1)
kgio (~> 2.6)
raindrops (~> 0.7)
warden (1.2.7)
rack (>= 1.0)
web-console (3.7.0)
actionview (>= 5.0)
activemodel (>= 5.0)
......@@ -245,6 +257,7 @@ DEPENDENCIES
coffee-rails (~> 4.2)
daemons
delayed_job_active_record
devise
dotenv-rails
font-awesome-rails
jbuilder (~> 2.5)
......
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :authenticate_user!
include SessionsHelper
end
before_action :configure_permitted_parameters, if: :devise_controller?
def logged_in_user
unless logged_in?
store_location
flash[:danger] = "Please log in."
redirect_to login_url
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
end
end
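Review bot: `configure_permitted_parameters` permits `:name` only for `:sign_up`, but the registration edit form added in this commit also posts a `name` field, so a name change made there would be dropped by the parameter sanitizer. Add `devise_parameter_sanitizer.permit(:account_update, keys: [:name])` next to the existing call. Keep `:type` out of both lists: the User model uses it as the inheritance column, and permitting it would let a person registering choose the Operator role. The method is also defined as a public controller method; placing it under `protected` keeps it from being treated as an action.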
class MicropostsController < ApplicationController
before_action :logged_in_user, only: [:create, :destroy]
before_action :authenticate_user!
before_action :correct_user, only: :destroy
def create
@micropost = current_user.microposts.build(micropost_params)
if @micropost.save
......
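Review bot: `before_action :authenticate_user!` is declared here and again in ResultsController, SamplesController, SessionsController, StaticPagesController and UsersController, although ApplicationController in this commit appears to declare the same filter for every controller. Keeping the single declaration in the base class gives a deny-by-default posture that a new controller cannot forget, and any page meant to be public then needs an explicit `skip_before_action :authenticate_user!, only: [...]`, which is easy to audit. The class body continues outside the lines shown.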
class ResultsController < ApplicationController
before_action :authenticate_user!
before_action :set_result, only: [:show, :edit, :update, :destroy]
def new
......
class SamplesController < ApplicationController
before_action :logged_in_user, only: [:create, :destroy]
before_action :authenticate_user!
before_action :correct_user, only: :destroy
before_action :set_sample, only: [:show, :edit, :update, :destroy,:update_status]
respond_to? :html, :js
......
class SessionsController < ApplicationController
class SessionsController < Devise::SessionsController
before_action :authenticate_user!
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
log_in user
params[:session][:remember_me] == '1' ? remember(user) : forget(user)
redirect_to root_url
else
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
log_out if logged_in?
redirect_to root_url
end
end
class StaticPagesController < ApplicationController
before_action :authenticate_user!
def home
if (logged_in?)
@sample = if params[:display_sample].present?
Sample.find(params[:display_sample].to_i)
else
current_user.samples.build
end
if user_signed_in?
@sample = if params[:display_sample].present?
Sample.find(params[:display_sample].to_i)
else
current_user.samples.build
end
end
if (logged_in? && !operator? )
if !operator?
@samples = current_user.samples[0..-1]
@feed_items = current_user.feed.paginate(page: params[:page],per_page: 2 )
elsif (logged_in? && operator?)
else
@samples = Sample.where('status <> ? OR user_id = ?','in preparation',current_user.id)
end
@microposts = Micropost.paginate(:page => params[:page], :per_page => 6 )
......
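Review bot: `Sample.find(params[:display_sample].to_i)` in `home` loads a sample by a client-supplied id with no ownership or role check, so, assuming the view renders `@sample`, any signed-in user can request any sample, including ones the operator query below excludes as 'in preparation'. Scope the lookup to what the viewer may see, for example `current_user.samples.find(params[:display_sample])` for non-operators, and reuse the operator `where` clause for operators. The `if user_signed_in?` wrapper is redundant once `authenticate_user!` runs before the action. `home` continues outside the lines shown.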
class UsersController < ApplicationController
before_action :logged_in_user, only: [:index, :edit, :update, :destroy]
before_action :authenticate_user!
before_action :correct_user, only: [:index, :show, :edit, :update]
before_action :set_type
before_action :admin_user, only: [:destroy]
......@@ -21,29 +21,13 @@ class UsersController < ApplicationController
current_user.samples.build
end
@user = User.find(params[:id])
if operator?
if operator?
@samples = @user.samples.where('status <> ? OR user_id = ?','in preparation',current_user.id).paginate(page: params[:page])
else
@samples = @user.samples.paginate(page: params[:page])
end
end
def new
@user = type_class.new
end
def create
@user = type_class.new(user_params)
if @user.save
log_in @user
flash[:success] = "Welcome to ela!"
redirect_to @user
else
render 'new'
end
end
def edit
@user = User.find(params[:id])
end
......@@ -87,13 +71,6 @@ class UsersController < ApplicationController
redirect_to(root_url) unless operator? || @user == current_user
end
def logged_in_user
unless logged_in?
store_location
flash[:danger] = "Please log in."
redirect_to login_url
end
end
#vendosja e type-it
def set_type
@type = type
......
module SessionsHelper
# Logs in the given user.
def log_in(user)
session[:user_id] = user.id
end
# Remembers a user in a persistent session.
def remember(user)
user.remember
cookies.permanent.signed[:user_id] = user.id
cookies.permanent[:remember_token] = user.remember_token
end
# Forgets a persistent session.
# Returns the user corresponding to the remember token cookie.
def current_user
if (user_id = session[:user_id])
@current_user ||= User.find_by(id: user_id)
elsif (user_id = cookies.signed[:user_id])
user = User.find_by(id: user_id)
if user && user.authenticated?(cookies[:remember_token])
log_in user
@current_user = user
end
end
def operator?
current_user && current_user.type == "Operator"
end
# Returns true if the given user is the current user.
def current_user?(user)
user == current_user
end
# Returns the current logged-in user (if any).
#def current_user
# @current_user ||= User.find_by(id: session[:user_id])
#end
# Returns true if the user is logged in, false otherwise.
def logged_in?
!current_user.nil?
end
def operator?
current_user.type == "Operator"
end
def forget(user)
user.forget
cookies.delete(:user_id)
cookies.delete(:remember_token)
end
# Logs out the current user.
def log_out
forget(current_user)
session.delete(:user_id)
@current_user = nil
end
end
end
\ No newline at end of file
class User < ApplicationRecord
devise :database_authenticatable, :registerable, :rememberable, :recoverable,
:trackable, :validatable
has_many :samples, dependent: :destroy
has_many :microposts, dependent: :destroy
#has_many :results, dependent: :destroy
self.inheritance_column = :type
attr_accessor :remember_token, :activation_token, :reset_token
default_scope { order(updated_at: :desc) }
before_save { self.email = email.downcase }
before_create :create_activation_digest
validates :name, presence: true, length: { maximum: 50 }
#VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
validates :email, presence: true, length: { maximum: 255 },
......@@ -15,17 +17,13 @@ class User < ApplicationRecord
format: { with: /\b[A-Z0-9._%a-z\-+@]kit\.edu\z/,
message: "must be a 'kit.edu' account" },
uniqueness: { case_sensitive: false }
has_secure_password
# has_secure_password
validates :password, presence: true, length: { minimum: 6 }, allow_nil: true
#validates :type, presence: true
scope :operators, -> { where(type: 'Operator')}
scope :chemists, -> {where(type: 'Chemist')}
def password_reset_expired?
reset_sent_at < 2.hours.ago
end
def self.types
%w(Operator Chemist)
end
......@@ -33,48 +31,6 @@ class User < ApplicationRecord
def feed
Sample.where("user_id = ?", id)
end
# Returns the hash digest of the given string.
def self.digest(string)
cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :
BCrypt::Engine.cost
BCrypt::Password.create(string, cost: cost)
end
# Sets the password reset attributes.
def create_reset_digest
self.reset_token = User.new_token
update_attribute(:reset_digest, User.digest(reset_token))
update_attribute(:reset_sent_at, Time.zone.now)
end
# Sends password reset email.
def send_password_reset_email
UserMailer.password_reset(self).deliver_now
end
# Returns a random token.
def self.new_token
SecureRandom.urlsafe_base64
end
# Remembers a user in the database for use in persistent sessions.
def remember
self.remember_token = User.new_token
update_attribute(:remember_token, User.digest(remember_token))
end
def create_activation_digest
self.activation_token = User.new_token
self.activation_digest = User.digest(activation_token)
end
def authenticated?(attribute, token)
digest = send("#{attribute}_digest")
return false if digest.nil?
BCrypt::Password.new(digest).is_password?(token)
end
# Forgets a user.
def forget
update_attribute(:remember_token, nil)
end
end
class Operator < User; end
class Chemist < User; end
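Review bot: With `:registerable` enabled and no `:confirmable`, the `kit.edu` format check on `email` becomes the only gate on who can create an account, and the pattern `/\b[A-Z0-9._%a-z\-+@]kit\.edu\z/` does not pin the domain: it only requires one permitted character before a trailing `kit.edu`, and nothing verifies that the registrant owns the address. Anchor the whole address, e.g. `/\A[^@\s]+@([a-z0-9-]+\.)*kit\.edu\z/i`, and add `:confirmable` (the confirmation views are already part of this commit) so the restriction is backed by a delivered email. Separately, going by the hunk line counts, `before_create :create_activation_digest` stays while the method itself is removed in the last hunk, which would raise on every sign-up; drop the callback and the now-unused `attr_accessor` tokens.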
<h2>Resend confirmation instructions</h2>
<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email", value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
</div>
<div class="actions">
<%= f.submit "Resend confirmation instructions" %>
</div>
<% end %>
<%= render "devise/shared/links" %>
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>
<p>Hello <%= @email %>!</p>
<% if @resource.try(:unconfirmed_email?) %>
<p>We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.</p>
<% else %>
<p>We're contacting you to notify you that your email has been changed to <%= @resource.email %>.</p>
<% end %>
<p>Hello <%= @resource.email %>!</p>
<p>We're contacting you to notify you that your password has been changed.</p>
<p>Hello <%= @resource.email %>!</p>
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
<p>If you didn't request this, please ignore this email.</p>
<p>Your password won't change until you access the link above and create a new one.</p>
<p>Hello <%= @resource.email %>!</p>
<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
<p>Click the link below to unlock your account:</p>
<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>
<h2>Change your password</h2>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<%= f.hidden_field :reset_password_token %>
<div class="field">
<%= f.label :password, "New password" %><br />
<% if @minimum_password_length %>
<em>(<%= @minimum_password_length %> characters minimum)</em><br />
<% end %>
<%= f.password_field :password, autofocus: true, autocomplete: "new-password" %>
</div>
<div class="field">
<%= f.label :password_confirmation, "Confirm new password" %><br />
<%= f.password_field :password_confirmation, autocomplete: "new-password" %>
</div>
<div class="actions">
<%= f.submit "Change my password" %>
</div>
<% end %>
<%= render "devise/shared/links" %>
</div>
</div>
\ No newline at end of file
<h2>Forgot your password?</h2>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email" %>
</div>
<div class="actions">
<%= f.submit "Send me reset password instructions", class: "btn btn-success" %>
</div>
<% end %>
<%= render "devise/shared/links" %>
</div>
</div>
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email" %>
</div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div class="field">
<%= f.label :name %><br />
<%= f.text_field :name, autofocus: true, autocomplete: "name" %>
</div>
<div class="field">
<%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password, autocomplete: "new-password" %>
<% if @minimum_password_length %>
<br />
<em><%= @minimum_password_length %> characters minimum</em>
<% end %>
</div>
<div class="field">
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "new-password" %>
</div>
<div class="field">
<%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password, autocomplete: "current-password" %>
</div>
<div class="actions">
<%= f.submit "Update", class: "btn btn-success" %>
</div>
<% end %>
<h3>Cancel my account</h3>
<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
<%= link_to "Back", :back %>
</div>
</div>
\ No newline at end of file
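Review bot: The "Cancel my account" button lets every signed-in user delete their own record, and the User model in this commit declares `has_many :samples, dependent: :destroy` and the same for microposts, so one click also removes that user's sample history. If samples must outlive the account, remove the button and disable the registrations destroy route, or change the association so samples are retained. The `name` field here also sets `autofocus: true`, duplicating the attribute already on the email field; only one control should carry it.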