@kidach1
Created December 10, 2013 01:24
[Rails] Implementing session management by hand ref: http://qiita.com/kidachi_/items/ebdb4b29336955903029

class AddRememberTokenToUsers < ActiveRecord::Migration
  def change
    add_column :users, :remember_token, :string
    add_index :users, :remember_token
  end
end

<% if signed_in? %>
  <li><%= link_to "Users", '#' %></li>
  <li><%= link_to "Profile", current_user %></li>
  <li><%= link_to "Settings", '#' %></li>
  <li><%= link_to "Sign out", signout_path, method: "delete" %></li>
<% else %>
  <li><%= link_to "Sign in", signin_path %></li>
<% end %>

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  include SessionsHelper
end

<%= form_for(:session, url: sessions_path) do |f| %>
  <%= f.label :email %>
  <%= f.text_field :email %>
  <%= f.label :password %>
  <%= f.password_field :password %>
  <%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
<% end %>

$ rails generate migration add_remember_token_to_users
$ rake db:migrate
def User.new_remember_token
  SecureRandom.urlsafe_base64
end

def User.encrypt(token)
  Digest::SHA1.hexdigest(token.to_s)
end

User.find_by(email: params[:session][:email].downcase)
user.authenticate(params[:session][:password])
SampleApp::Application.routes.draw do
  resources :users
  resources :sessions, only: [:new, :create, :destroy]
  root 'static_pages#home'
  match '/signup', to: 'users#new', via: 'get'
  match '/signin', to: 'sessions#new', via: 'get'
  match '/signout', to: 'sessions#destroy', via: 'delete'
  ~
end

def create
  user = User.find_by(email: params[:session][:email].downcase)
  if user && user.authenticate(params[:session][:password])
    sign_in user
    redirect_to user # resolves user and redirects to '/users/:id'
  else
    flash.now[:error] = 'Invalid email/password combination'
    render 'new'
  end
end

module SessionsHelper
  # The raw token goes into the browser cookie; only its digest is stored in the DB.
  def sign_in(user)
    remember_token = User.new_remember_token
    cookies.permanent[:remember_token] = remember_token
    user.update_attribute(:remember_token, User.encrypt(remember_token))
    self.current_user = user
  end

  def current_user=(user)
    @current_user = user
  end

  # Checks, via signed_in?, whether a session has been established.
  # In other words, this gets called on (almost) every request.
  def current_user
    remember_token = User.encrypt(cookies[:remember_token])
    @current_user ||= User.find_by(remember_token: remember_token)
  end

  def signed_in?
    !current_user.nil?
  end

  # Clears the cached user and deletes the cookie; the digest stored in
  # users.remember_token is left unchanged.
  def destroy
    self.current_user = nil
    cookies.delete(:remember_token)
  end
end

class User < ActiveRecord::Base
  ~
  # Callback run when a User is created
  before_create :create_remember_token
  ~
  # Public because it is called from SessionsHelper at sign-in
  def User.new_remember_token
    SecureRandom.urlsafe_base64
  end

  # Same as above
  def User.encrypt(token)
    Digest::SHA1.hexdigest(token.to_s)
  end

  private

  # Called from the before_create callback when a User is created.
  def create_remember_token
    self.remember_token = User.encrypt(User.new_remember_token)
  end
end
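
The remember-token flow of sign_in, current_user and the helper's destroy, replayed outside Rails as an added example (not part of the gist). TokenStore, its method names and the user id are hypothetical stand-ins for the users table; the second sign-out variant, which rotates the stored digest, is an addition and not something the gist does.

```ruby
require 'securerandom'
require 'digest'

# Constructed in-memory stand-in for the users table (hypothetical, not from the gist).
class TokenStore
  def initialize
    @digest_by_user = {} # user id => digest of the current remember token
  end

  # Same scheme as User.encrypt in the gist: only a digest is kept server-side.
  def self.digest(token)
    Digest::SHA1.hexdigest(token.to_s)
  end

  # sign_in: mint a fresh token, store its digest, return the raw token for the cookie.
  def sign_in(user_id)
    token = SecureRandom.urlsafe_base64
    @digest_by_user[user_id] = self.class.digest(token)
    token
  end

  # current_user: hash the cookie value and look the digest up.
  def user_for(cookie_value)
    return nil if cookie_value.nil? || cookie_value.empty?
    @digest_by_user.key(self.class.digest(cookie_value))
  end

  # Sign-out as in the gist's helper: only the browser cookie is dropped,
  # so nothing changes on the server side.
  def sign_out_cookie_only(_user_id); end

  # Sign-out with rotation (added variant): overwrite the stored digest so the
  # previously issued token no longer matches any row.
  def sign_out_with_rotation(user_id)
    @digest_by_user[user_id] = self.class.digest(SecureRandom.urlsafe_base64)
  end
end

# Replays one retained cookie value against both sign-out variants.
def demo
  store = TokenStore.new
  cookie = store.sign_in(1)
  results = { signed_in: store.user_for(cookie) }
  store.sign_out_cookie_only(1)
  results[:after_cookie_only] = store.user_for(cookie)
  store.sign_out_with_rotation(1)
  results[:after_rotation] = store.user_for(cookie)
  results
end
```

In the Rails helper, the rotation would be a user.update_attribute(:remember_token, ...) call made before the cookie is deleted.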