Authenticate

.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

Gemfile

@@ -5,6 +5,8 @@ source 'https://rubygems.org'
 gem 'rails', '4.2.3'
 # Use postgresql as the database for Active Record
 gem 'pg'
+# Use bcrypt for password encryption
+gem 'bcrypt'
 # Use SCSS for stylesheets
 gem 'sass-rails', '~> 5.0'
 # Use Uglifier as compressor for JavaScript assets
@@ -41,5 +43,9 @@ group :development, :test do
 
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
+
+  # Use rpsec and Factory Girl for tests
+  gem 'rspec-rails'
+  gem 'factory_girl_rails'
 end
 

Gemfile.lock

@@ -37,6 +37,7 @@ GEM
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
     arel (6.0.3)
+    bcrypt (3.1.10)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
     builder (3.2.2)
@@ -49,12 +50,18 @@ GEM
       execjs
     coffee-script-source (1.9.1.1)
     debug_inspector (0.0.2)
+    diff-lcs (1.2.5)
     erubis (2.7.0)
     execjs (2.6.0)
+    factory_girl (4.5.0)
+      activesupport (>= 3.0.0)
+    factory_girl_rails (4.5.0)
+      factory_girl (~> 4.5.0)
+      railties (>= 3.0.0)
     globalid (0.3.6)
       activesupport (>= 4.1.0)
     i18n (0.7.0)
-    jbuilder (2.3.1)
+    jbuilder (2.3.2)
       activesupport (>= 3.0.0, < 5)
       multi_json (~> 1.2)
     jquery-rails (4.0.5)
@@ -102,7 +109,23 @@ GEM
       thor (>= 0.18.1, < 2.0)
     rake (10.4.2)
     rdoc (4.2.0)
-      json (~> 1.4)
+    rspec-core (3.3.2)
+      rspec-support (~> 3.3.0)
+    rspec-expectations (3.3.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-mocks (3.3.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-rails (3.3.3)
+      actionpack (>= 3.0, < 4.3)
+      activesupport (>= 3.0, < 4.3)
+      railties (>= 3.0, < 4.3)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+      rspec-support (~> 3.3.0)
+    rspec-support (3.3.0)
     sass (3.4.18)
     sass-rails (5.0.4)
       railties (>= 4.0.0, < 5.0)
@@ -140,15 +163,21 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  bcrypt
   byebug
   coffee-rails (~> 4.1.0)
+  factory_girl_rails
   jbuilder (~> 2.0)
   jquery-rails
   pg
   rails (= 4.2.3)
+  rspec-rails
   sass-rails (~> 5.0)
   sdoc (~> 0.4.0)
   spring
   turbolinks
   uglifier (>= 1.3.0)
   web-console (~> 2.0)
+
+BUNDLED WITH
+   1.10.6

app/assets/javascripts/dashboards.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/javascripts/sessions.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/javascripts/users.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/javascripts/verifications.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/stylesheets/dashboards.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the dashboards controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/sessions.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/users.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Users controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/verifications.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Verifications controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/dashboards_controller.rb

@@ -0,0 +1,5 @@
+class DashboardsController < ApplicationController
+  def new
+    @user = User.find(session[:user_id])
+  end
+end

app/controllers/sessions_controller.rb

@@ -0,0 +1,24 @@
+class SessionsController < ApplicationController
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.where(
+      "email = ? AND verified_at IS NOT NULL",
+      params[:email]
+    ).first
+    if @user && @user.authenticate(params[:password])
+      session[:user_id] = @user.id
+      redirect_to dashboard_path
+    else
+      flash.now[:alert] = "Email or password didn't match"
+      render :new
+    end
+  end
+
+  def destroy
+    reset_session
+    redirect_to signin_path
+  end
+end

app/controllers/users_controller.rb

@@ -0,0 +1,21 @@
+class UsersController < ApplicationController
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(user_params)
+    if @user && @user.password == @user.password_confirmation
+      @user.save!
+      redirect_to verify_path(user_id: @user.id)
+    else
+      redirect_to signup_path
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:email, :password, :password_confirmation)
+  end
+end

app/controllers/verifications_controller.rb

@@ -0,0 +1,18 @@
+require "securerandom"
+
+class VerificationsController < ApplicationController
+  def new
+    @user = User.find(params[:user_id])
+    @user.verification_token = SecureRandom.hex(20)
+    @user.save!
+    UserMailer.verify(@user).deliver_now
+  end
+
+  def create
+    @user = User.find_by(verification_token: params[:token])
+    @user.verified_at = Time.now
+    @user.save!
+    flash[:notice] = "Email verified. Please sign in."
+    redirect_to signin_path
+  end
+end

app/helpers/dashboards_helper.rb

@@ -0,0 +1,2 @@
+module DashboardsHelper
+end

app/helpers/sessions_helper.rb

@@ -0,0 +1,2 @@
+module SessionsHelper
+end

app/helpers/users_helper.rb

@@ -0,0 +1,2 @@
+module UsersHelper
+end

app/helpers/verifications_helper.rb

@@ -0,0 +1,2 @@
+module VerificationsHelper
+end

app/mailers/application_mailer.rb

@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: "[email protected]"
+  layout 'mailer'
+end

app/mailers/user_mailer.rb

@@ -0,0 +1,13 @@
+class UserMailer < ApplicationMailer
+  default from: "[email protected]"
+
+  def verify(user)
+    @user = user
+    mail to: @user.email, subject: "[Ruby Committed] Verify Email"
+  end
+
+  def reset_password(user)
+    @user = user
+    mail to: @user.email, subect: "[Ruby Committed] Reset Password"
+  end
+end

app/models/user.rb

@@ -0,0 +1,8 @@
+class User < ActiveRecord::Base
+  has_secure_password
+
+  validates :email,
+            presence: true,
+            format: /\A[^@\s]+@[^@\s]+\z/,
+            uniqueness: true
+end

app/views/dashboards/new.html.erb

@@ -0,0 +1,3 @@
+<h1>Dashboard</h1>
+
+<%= link_to "Sign Out", signout_path, method: "DELETE" %>

app/views/layouts/mailer.html.erb

@@ -0,0 +1,5 @@
+<html>
+  <body>
+    <%= yield %>
+  </body>
+</html>

app/views/layouts/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

app/views/sessions/new.html.erb

@@ -0,0 +1,13 @@
+Sign In
+
+<%= form_tag do %>
+  <%= label_tag :email, "Email" %>
+  <%= email_field_tag :email %>
+  <br>
+  <%= label_tag :password, "Password" %>
+  <%= password_field_tag :password %>
+  <br>
+  <%= submit_tag "Sign In" %>
+<% end %>
+<br>
+<br>

app/views/user_mailer/verify.text.erb

@@ -0,0 +1,3 @@
+Please click the following link to verify your email:
+
+<%= confirm_url(token: @user.verification_token) %>

app/views/users/new.html.erb

@@ -0,0 +1,14 @@
+Sign Up!
+
+<%= form_for @user, url: signup_path do |f| %>
+  <%= f.label :email, "Email" %>
+  <%= f.email_field :email %>
+  <br>
+  <%= f.label :password, "Password" %>
+  <%= f.password_field :password %>
+  <br>
+  <%= f.label :password_confirmation, "Confirm Password" %>
+  <%= f.password_field :password_confirmation %>
+  <br>
+  <%= f.submit %>
+<% end %>

app/views/verifications/new.html.erb

@@ -0,0 +1,2 @@
+<h1>Please Verify Your Email</h1>
+<p>An email has been sent to <%= @user.email %>. Please click on the link in that message to verify your email address.</p>

bin/rspec

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rspec-core', 'rspec')

config/database.yml.sample

@@ -57,7 +57,7 @@ development:
 # Do not set this db to the same as development or production.
 test:
   <<: *default
-  database: committed_test
+  database: committed_development
 
 # As with config/secrets.yml, you never want to store sensitive information,
 # like your database password, in your source code. If your source code is

config/environments/development.rb

@@ -38,4 +38,6 @@
 
   # Raises error for missing translations
   # config.action_view.raise_on_missing_translations = true
+
+  config.action_mailer.default_url_options = { :host => "localhost:3000" }
 end

config/routes.rb

@@ -1,4 +1,21 @@
 Rails.application.routes.draw do
+
+  get    "signup"                     => "users#new",            as: :signup
+  post   "signup"                     => "users#create"
+  get    "signin"                     => "sessions#new",         as: :signin
+  post   "signin"                     => "sessions#create"
+  delete "signout"                    => "sessions#destroy"
+  get    "verify/:user_id"            => "verifications#new",    as: :verify
+  get    "verify/confirm/:token"      => "verifications#create", as: :confirm
+  get    "reset_password"             => "password_resets#new",  as: :reset_password
+  post   "reset_password"             => "password_resets#create"
+  get    "reset_password/:token/edit" => "password_resets#edit", as: :edit_reset_password
+  post   "reset_password/:token/edit" => "password_resets#update"
+  get    "dashboard"                  => "dashboards#new",        as: :dashboard
+
+
+
+
   # The priority is based upon order of creation: first created -> highest priority.
   # See how all your routes lay out with "rake routes".
 

db/migrate/20151004184620_create_users.rb

@@ -0,0 +1,12 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string     :email, null: false, index: :unique
+      t.string     :password_digest, null: false
+      t.string     :verification_token
+      t.datetime   :verified_at
+      t.string     :password_reset_token
+      t.timestamps null: false
+    end
+  end
+end

db/schema.rb

@@ -0,0 +1,31 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema.define(version: 20151004184620) do
+
+  # These are extensions that must be enabled in order to support this database
+  enable_extension "plpgsql"
+
+  create_table "users", force: :cascade do |t|
+    t.string   "email",                null: false
+    t.string   "password_digest",      null: false
+    t.string   "verification_token"
+    t.datetime "verified_at"
+    t.string   "password_reset_token"
+    t.datetime "created_at",           null: false
+    t.datetime "updated_at",           null: false
+  end
+
+  add_index "users", ["email"], name: "index_users_on_email", using: :btree
+
+end

spec/controllers/dashboards_controller_spec.rb

@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe DashboardsController, type: :controller do
+
+end