WIP - Add Users backed by Devise

Jared Pace
1 parent c5fbd31d
Showing 24 changed files with 381 additions and 19 deletions Show diff stats
Gemfile
Gemfile.lock
README.md
app/controllers/application_controller.rb
app/mailers/mailer.rb
app/models/user.rb
app/views/devise/confirmations/new.html.haml
app/views/devise/mailer/confirmation_instructions.html.haml
app/views/devise/mailer/reset_password_instructions.html.haml
app/views/devise/mailer/unlock_instructions.html.haml
app/views/devise/passwords/edit.html.haml
app/views/devise/passwords/new.html.haml
app/views/devise/registrations/edit.html.haml
app/views/devise/registrations/new.html.haml
app/views/devise/sessions/new.html.haml
app/views/devise/shared/_links.haml
app/views/devise/unlocks/new.html.haml
config/initializers/_load_config.rb
config/initializers/devise.rb
config/initializers/load_config.rb
@@ -6,6 +6,7 @@ gem &#39;bson_ext&#39;, :require =&gt; nil
 gem 'mongoid', '2.0.0.beta.15'
 gem 'haml'
 gem 'will_paginate'
+gem 'devise', '1.1.1'
  
 group :development, :test do
   gem 'rspec-rails', '>= 2.0.0.beta.19'
@@ -30,10 +30,14 @@ GEM
     activesupport (3.0.0.rc)
     arel (0.4.0)
       activesupport (>= 3.0.0.beta)
+    bcrypt-ruby (2.1.2)
     bson (1.0.4)
     bson_ext (1.0.4)
     builder (2.1.2)
     database_cleaner (0.5.2)
+    devise (1.1.1)
+      bcrypt-ruby (~> 2.1.2)
+      warden (~> 0.10.7)
     diff-lcs (1.1.2)
     erubis (2.6.6)
       abstract (>= 1.0.0)
@@ -41,7 +45,7 @@ GEM
     factory_girl_rails (1.0)
       factory_girl (~> 1.3)
       rails (>= 3.0.0.beta4)
-    haml (3.0.15)
+    haml (3.0.16)
     i18n (0.4.1)
     libxml-ruby (1.1.4)
     mail (2.2.5)
@@ -93,6 +97,8 @@ GEM
     treetop (1.4.8)
       polyglot (>= 0.3.1)
     tzinfo (0.3.22)
+    warden (0.10.7)
+      rack (>= 1.0.0)
     webrat (0.7.2.beta.1)
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
@@ -105,6 +111,7 @@ PLATFORMS
 DEPENDENCIES
   bson_ext
   database_cleaner (= 0.5.2)
+  devise (= 1.1.1)
   factory_girl_rails
   haml
   libxml-ruby
 Errbit: The open source self-hosted Hoptoad Server
 =====================================================
  
-WIP
+Installation
+------------
  
-TODO: License
 \ No newline at end of file
+1. Install MongoDB
+2. Install & Run Bundler
+3. Seed DB - rake db:seed
 \ No newline at end of file
 class ApplicationController < ActionController::Base
   protect_from_forgery
+  
+  before_filter :authenticate_user!
+  
 end
 class Mailer < ActionMailer::Base
   default :from => Errbit::Config.email_from
-  default_url_options[:host] = Errbit::Config.host
  
   def err_notification(notice)
     @notice   = notice
@@ -0,0 +1,13 @@
+class User
+  include Mongoid::Document
+
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, 
+         :validatable, :token_authenticatable
+
+  field :name
+  field :admin, :type => Boolean, :default => false
+  
+  validates_presence_of :name
+
+end
@@ -0,0 +1,9 @@
+%h2 Resend confirmation instructions
+= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
+  = devise_error_messages!
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p= f.submit "Resend confirmation instructions"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,4 @@
+%p
+  Welcome #{@resource.email}!
+%p You can confirm your account through the link below:
+%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token)
@@ -0,0 +1,6 @@
+%p
+  Hello #{@resource.email}!
+%p Someone has requested a link to change your password, and you can do this through the link below.
+%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token)
+%p If you didn't request this, please ignore this email.
+%p Your password won't change until you access the link above and create a new one.
@@ -0,0 +1,5 @@
+%p
+  Hello #{@resource.email}!
+%p Your account has been locked due to an excessive amount of unsuccessful sign in attempts.
+%p Click the link below to unlock your account:
+%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token)
@@ -0,0 +1,14 @@
+%h2 Change your password
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
+  = devise_error_messages!
+  = f.hidden_field :reset_password_token
+  %p
+    = f.label :password
+    %br/
+    = f.password_field :password
+  %p
+    = f.label :password_confirmation
+    %br/
+    = f.password_field :password_confirmation
+  %p= f.submit "Change my password"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,9 @@
+%h2 Forgot your password?
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
+  = devise_error_messages!
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p= f.submit "Send me reset password instructions"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,27 @@
+%h2
+  Edit #{resource_name.to_s.humanize}
+= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f|
+  = devise_error_messages!
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p
+    = f.label :password
+    %i (leave blank if you don't want to change it)
+    %br/
+    = f.password_field :password
+  %p
+    = f.label :password_confirmation
+    %br/
+    = f.password_field :password_confirmation
+  %p
+    = f.label :current_password
+    %i (we need your current password to confirm your changes)
+    %br/
+    = f.password_field :current_password
+  %p= f.submit "Update"
+%h3 Cancel my account
+%p
+  Unhappy? #{link_to "Cancel my account", registration_path(resource_name), :confirm => "Are you sure?", :method => :delete}.
+= link_to "Back", :back
@@ -0,0 +1,20 @@
+%h2 Sign up
+= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
+  = devise_error_messages!
+  %p
+    = f.label :name
+    = f.text_field :name
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p
+    = f.label :password
+    %br/
+    = f.password_field :password
+  %p
+    = f.label :password_confirmation
+    %br/
+    = f.password_field :password_confirmation
+  %p= f.submit "Sign up"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,16 @@
+%h2 Sign in
+= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f|
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p
+    = f.label :password
+    %br/
+    = f.password_field :password
+  - if devise_mapping.rememberable?
+    %p
+      = f.check_box :remember_me
+      = f.label :remember_me
+  %p= f.submit "Sign in"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,15 @@
+- if controller_name != 'sessions'
+  = link_to "Sign in", new_session_path(resource_name)
+  %br/
+- if devise_mapping.registerable? && controller_name != 'registrations'
+  = link_to "Sign up", new_registration_path(resource_name)
+  %br/
+- if devise_mapping.recoverable? && controller_name != 'passwords'
+  = link_to "Forgot your password?", new_password_path(resource_name)
+  %br/
+- if devise_mapping.confirmable? && controller_name != 'confirmations'
+  = link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name)
+  %br/
+- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
+  = link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
+  %br/
@@ -0,0 +1,9 @@
+%h2 Resend unlock instructions
+= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
+  = devise_error_messages!
+  %p
+    = f.label :email
+    %br/
+    = f.text_field :email
+  %p= f.submit "Resend unlock instructions"
+= render :partial => "devise/shared/links"
@@ -0,0 +1,11 @@
+require 'ostruct'
+
+yaml = File.read(Rails.root.join('config','config.yml'))
+config = YAML.load(yaml)
+
+config.merge!(config.delete(Rails.env)) if config.has_key?(Rails.env)
+
+Errbit::Config = OpenStruct.new(config)
+
+# Set config specific values
+ActionMailer::Base.default_url_options[:host] = Errbit::Config.host
 \ No newline at end of file
@@ -0,0 +1,142 @@
+# Use this hook to configure devise mailer, warden hooks and so forth. The first
+# four configuration values can also be set straight in your models.
+Devise.setup do |config|
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in DeviseMailer.
+  config.mailer_sender = Errbit::Config.email_from
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = "Devise::Mailer"
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/mongoid'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating an user. By default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating an user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # config.authentication_keys = [ :email ]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Basic Auth is enabled. True by default.
+  # config.http_authenticatable = true
+
+  # Set this to true to use Basic Auth for AJAX requests.  True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication
+  # config.http_authentication_realm = "Application"
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  config.stretches = 10
+
+  # Define which will be the encryption algorithm. Devise also supports encryptors
+  # from others authentication tools as :clearance_sha1, :authlogic_sha512 (then
+  # you should set stretches above to 20 for default behavior) and :restful_authentication_sha1
+  # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
+  config.encryptor = :bcrypt
+
+  # Setup a pepper to generate the encrypted password.
+  config.pepper = "425f10f555c1a4718aff3370ef9dd2d97a21622beb0400fde6b52177375ddcbe37a2dac6af9bca835c988e00c32887ee940ba111a78eab48234d8799936d36b9"
+
+  # ==> Configuration for :confirmable
+  # The time you want to give your user to confirm his account. During this time
+  # he will be able to access your application without confirming. Default is nil.
+  # When confirm_within is zero, the user won't be able to sign in without confirming. 
+  # You can use this to let your user access some features of your application 
+  # without confirming the account, but blocking it after a certain period 
+  # (ie 2 days). 
+  # config.confirm_within = 2.days
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  config.remember_for = 2.weeks
+
+  # If true, a valid remember token can be re-used between multiple browsers.
+  # config.remember_across_browsers = true
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # ==> Configuration for :validatable
+  # Range for password length
+  config.password_length = 6..20
+
+  # Regex to use to validate the email address
+  config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again.
+  # config.timeout_in = 10.minutes
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  # config.lock_strategy = :failed_attempts
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  # config.unlock_strategy = :both
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # ==> Configuration for :token_authenticatable
+  # Defines name of the authentication token params key
+  config.token_authentication_key = :auth_token
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = true
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes.
+  # config.default_scope = :user
+
+  # Configure sign_out behavior. 
+  # By default sign_out is scoped (i.e. /users/sign_out affects only :user scope).
+  # In case of sign_out_all_scopes set to true any logout action will sign out all active scopes.
+  # config.sign_out_all_scopes = false
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists. Default is [:html]
+  # config.navigational_formats = [:html, :iphone]
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not (yet) supported by Devise,
+  # you can configure them inside the config.warden block. The example below
+  # allows you to setup OAuth, using http://github.com/roman/warden_oauth
+  #
+  # config.warden do |manager|
+  #   manager.oauth(:twitter) do |twitter|
+  #     twitter.consumer_secret = <YOUR CONSUMER SECRET>
+  #     twitter.consumer_key  = <YOUR CONSUMER KEY>
+  #     twitter.options :site => 'http://twitter.com'
+  #   end
+  #   manager.default_strategies(:scope => :user).unshift :twitter_oauth
+  # end
+end
@@ -1,8 +0,0 @@
-require 'ostruct'
-
-yaml = File.read(Rails.root.join('config','config.yml'))
-config = YAML.load(yaml)
-
-config.merge!(config.delete(Rails.env)) if config.has_key?(Rails.env)
-
-Errbit::Config = OpenStruct.new(config)
 \ No newline at end of file
@@ -0,0 +1,39 @@
+en:
+  errors:
+    messages:
+      not_found: "not found"
+      already_confirmed: "was already confirmed"
+      not_locked: "was not locked"
+
+  devise:
+    failure:
+      unauthenticated: 'You need to sign in or sign up before continuing.'
+      unconfirmed: 'You have to confirm your account before continuing.'
+      locked: 'Your account is locked.'
+      invalid: 'Invalid email or password.'
+      invalid_token: 'Invalid authentication token.'
+      timeout: 'Your session expired, please sign in again to continue.'
+      inactive: 'Your account was not activated yet.'
+    sessions:
+      signed_in: 'Signed in successfully.'
+      signed_out: 'Signed out successfully.'
+    passwords:
+      send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
+      updated: 'Your password was changed successfully. You are now signed in.'
+    confirmations:
+      send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
+      confirmed: 'Your account was successfully confirmed. You are now signed in.'
+    registrations:
+      signed_up: 'You have signed up successfully. If enabled, a confirmation was sent to your e-mail.'
+      updated: 'You updated your account successfully.'
+      destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
+    unlocks:
+      send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
+      unlocked: 'Your account was successfully unlocked. You are now signed in.'
+    mailer:
+      confirmation_instructions:
+        subject: 'Confirmation instructions'
+      reset_password_instructions:
+        subject: 'Reset password instructions'
+      unlock_instructions:
+        subject: 'Unlock Instructions'
 Errbit::Application.routes.draw do
  
+  devise_for :users
+
   # Hoptoad Notifier Routes
   match '/notifier_api/v2/notices' => 'notices#create'
   match '/deploys.txt' => 'deploys#create'
@@ -21,6 +23,8 @@ Errbit::Application.routes.draw do
     end
   end
  
+  devise_for :users
+  
   root :to => 'apps#index'
  
 end
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
-#
-# Examples:
-#
-#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
-#   Mayor.create(:name => 'Daley', :city => cities.first)
+# Create an initial Admin User
+admin_email = "errbit@#{Errbit::Config.host}"
+admin_pass  = 'password'
+
+puts "Creating an initial admin user:"
+puts "-- email:    #{admin_email}"
+puts "-- password: #{admin_pass}"
+puts ""
+puts "Be sure to change these credentials ASAP!"
+User.create!({
+  :name                   => 'Errbit Admin',
+  :email                  => admin_email,
+  :password               => admin_pass,
+  :password_confirmation  => admin_pass,
+  :admin                  => true
+})
 \ No newline at end of file
@@ -0,0 +1,5 @@
+require 'spec_helper'
+
+describe User do
+  pending "add some examples to (or delete) #{__FILE__}"
+end
...	...	@@ -6,6 +6,7 @@ gem 'bson_ext', :require => nil
6	6	gem 'mongoid', '2.0.0.beta.15'
7	7	gem 'haml'
8	8	gem 'will_paginate'
	9	+gem 'devise', '1.1.1'
9	10
10	11	group :development, :test do
11	12	gem 'rspec-rails', '>= 2.0.0.beta.19'
...	...
...	...	@@ -30,10 +30,14 @@ GEM
30	30	activesupport (3.0.0.rc)
31	31	arel (0.4.0)
32	32	activesupport (>= 3.0.0.beta)
	33	+ bcrypt-ruby (2.1.2)
33	34	bson (1.0.4)
34	35	bson_ext (1.0.4)
35	36	builder (2.1.2)
36	37	database_cleaner (0.5.2)
	38	+ devise (1.1.1)
	39	+ bcrypt-ruby (~> 2.1.2)
	40	+ warden (~> 0.10.7)
37	41	diff-lcs (1.1.2)
38	42	erubis (2.6.6)
39	43	abstract (>= 1.0.0)
...	...	@@ -41,7 +45,7 @@ GEM
41	45	factory_girl_rails (1.0)
42	46	factory_girl (~> 1.3)
43	47	rails (>= 3.0.0.beta4)
44		- haml (3.0.15)
	48	+ haml (3.0.16)
45	49	i18n (0.4.1)
46	50	libxml-ruby (1.1.4)
47	51	mail (2.2.5)
...	...	@@ -93,6 +97,8 @@ GEM
93	97	treetop (1.4.8)
94	98	polyglot (>= 0.3.1)
95	99	tzinfo (0.3.22)
	100	+ warden (0.10.7)
	101	+ rack (>= 1.0.0)
96	102	webrat (0.7.2.beta.1)
97	103	nokogiri (>= 1.2.0)
98	104	rack (>= 1.0)
...	...	@@ -105,6 +111,7 @@ PLATFORMS
105	111	DEPENDENCIES
106	112	bson_ext
107	113	database_cleaner (= 0.5.2)
	114	+ devise (= 1.1.1)
108	115	factory_girl_rails
109	116	haml
110	117	libxml-ruby
...	...
1	1	Errbit: The open source self-hosted Hoptoad Server
2	2	=====================================================
3	3
4		-WIP
	4	+Installation
	5	+------------
5	6
6		-TODO: License
7	7	\ No newline at end of file
	8	+1. Install MongoDB
	9	+2. Install & Run Bundler
	10	+3. Seed DB - rake db:seed
8	11	\ No newline at end of file
...	...
1	1	class ApplicationController < ActionController::Base
2	2	protect_from_forgery
	3	+
	4	+ before_filter :authenticate_user!
	5	+
3	6	end
...	...
1	1	class Mailer < ActionMailer::Base
2	2	default :from => Errbit::Config.email_from
3		- default_url_options[:host] = Errbit::Config.host
4	3
5	4	def err_notification(notice)
6	5	@notice = notice
...	...
...	...	@@ -0,0 +1,13 @@
	1	+class User
	2	+ include Mongoid::Document
	3	+
	4	+ devise :database_authenticatable, :registerable,
	5	+ :recoverable, :rememberable, :trackable,
	6	+ :validatable, :token_authenticatable
	7	+
	8	+ field :name
	9	+ field :admin, :type => Boolean, :default => false
	10	+
	11	+ validates_presence_of :name
	12	+
	13	+end
...	...
...	...	@@ -0,0 +1,9 @@
	1	+%h2 Resend confirmation instructions
	2	+= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do \|f\|
	3	+ = devise_error_messages!
	4	+ %p
	5	+ = f.label :email
	6	+ %br/
	7	+ = f.text_field :email
	8	+ %p= f.submit "Resend confirmation instructions"
	9	+= render :partial => "devise/shared/links"
...	...
...	...	@@ -0,0 +1,4 @@
	1	+%p
	2	+ Welcome #{@resource.email}!
	3	+%p You can confirm your account through the link below:
	4	+%p= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token)
...	...
...	...	@@ -0,0 +1,6 @@
	1	+%p
	2	+ Hello #{@resource.email}!
	3	+%p Someone has requested a link to change your password, and you can do this through the link below.
	4	+%p= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token)
	5	+%p If you didn't request this, please ignore this email.
	6	+%p Your password won't change until you access the link above and create a new one.
...	...
...	...	@@ -0,0 +1,5 @@
	1	+%p
	2	+ Hello #{@resource.email}!
	3	+%p Your account has been locked due to an excessive amount of unsuccessful sign in attempts.
	4	+%p Click the link below to unlock your account:
	5	+%p= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token)
...	...