Created December 10, 2013 01:24
[Rails] Implementing session management by hand ref: http://qiita.com/kidachi_/items/ebdb4b29336955903029
```ruby
class AddRememberTokenToUsers < ActiveRecord::Migration
  def change
    add_column :users, :remember_token, :string
    add_index  :users, :remember_token
  end
end
```
```erb
<% if signed_in? %>
  <li><%= link_to "Users", '#' %></li>
  <li><%= link_to "Profile", current_user %></li>
  <li><%= link_to "Settings", '#' %></li>
  <li><%= link_to "Sign out", signout_path, method: "delete" %></li>
<% else %>
  <li><%= link_to "Sign in", signin_path %></li>
<% end %>
```
```ruby
class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  include SessionsHelper
end
```
```erb
<%= form_for(:session, url: sessions_path) do |f| %>
  <%= f.label :email %>
  <%= f.text_field :email %>
  <%= f.label :password %>
  <%= f.password_field :password %>
  <%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
<% end %>
```
```console
$ rails generate migration add_remember_token_to_users
```
```console
$ rake db:migrate
```
```ruby
def User.new_remember_token
  SecureRandom.urlsafe_base64
end
```
```ruby
# Despite the name, this is a one-way SHA-1 digest, not reversible encryption.
def User.encrypt(token)
  Digest::SHA1.hexdigest(token.to_s)
end
```
```ruby
User.find_by(email: params[:session][:email].downcase)
```
```ruby
user.authenticate(params[:session][:password])
```
```ruby
SampleApp::Application.routes.draw do
  resources :users
  resources :sessions, only: [:new, :create, :destroy]
  root 'static_pages#home'
  match '/signup',  to: 'users#new',        via: 'get'
  match '/signin',  to: 'sessions#new',     via: 'get'
  match '/signout', to: 'sessions#destroy', via: 'delete'
  # ~ (omitted)
end
```
```ruby
def create
  user = User.find_by(email: params[:session][:email].downcase)
  if user && user.authenticate(params[:session][:password])
    sign_in user
    redirect_to user # resolves user to '/users/:id' and redirects there
  else
    flash.now[:error] = 'Invalid email/password combination'
    render 'new'
  end
end
```
```ruby
module SessionsHelper
  # The raw token goes into the cookie; only its digest is stored in the DB.
  def sign_in(user)
    remember_token = User.new_remember_token
    cookies.permanent[:remember_token] = remember_token
    user.update_attribute(:remember_token, User.encrypt(remember_token))
    self.current_user = user
  end

  def current_user=(user)
    @current_user = user
  end

  # Called via signed_in? to check whether a session is established,
  # i.e. it is called on (almost) every request.
  def current_user
    remember_token = User.encrypt(cookies[:remember_token])
    @current_user ||= User.find_by(remember_token: remember_token)
  end

  def signed_in?
    !current_user.nil?
  end

  def destroy
    self.current_user = nil
    cookies.delete(:remember_token)
  end
end
```
```ruby
class User < ActiveRecord::Base
  # ~ (omitted)
  # Callback run when a User is created
  before_create :create_remember_token
  # ~ (omitted)

  # Public because it is called from SessionsHelper at sign-in
  def User.new_remember_token
    SecureRandom.urlsafe_base64
  end

  # Same as above
  def User.encrypt(token)
    Digest::SHA1.hexdigest(token.to_s)
  end

  private

  # Called from the before_create callback when a User is created.
  def create_remember_token
    self.remember_token = User.encrypt(User.new_remember_token)
  end
end
```
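The token handling in SessionsHelper above, as an added example that is not part of the original gist: a plain-Ruby model (no Rails) in which hashes stand in for the users table and the cookie jar. It contrasts a sign-out that only deletes the cookie, as the gist's `destroy` does, with a hypothetical `sign_out_rotating` that also replaces the stored digest; `USERS`, `digest`, `current_user_id`, `sign_out_cookie_only`, `sign_out_rotating` and `copied_cookie_valid_after?` are assumed names.

```ruby
require 'securerandom'
require 'digest'

# Stand-in for the users table (constructed sample data, not from the gist).
USERS = { 1 => { email: 'alice@example.com', remember_token: nil } }

def digest(token)
  Digest::SHA1.hexdigest(token.to_s) # same hash the gist's User.encrypt uses
end

# Mirrors sign_in: the raw token goes to the browser, only its digest is stored.
def sign_in(user_id, cookies)
  token = SecureRandom.urlsafe_base64
  cookies[:remember_token] = token
  USERS[user_id][:remember_token] = digest(token)
end

# Mirrors current_user, except that an absent cookie is rejected before hashing.
def current_user_id(cookies)
  return nil if cookies[:remember_token].to_s.empty?
  wanted = digest(cookies[:remember_token])
  USERS.find { |_id, row| row[:remember_token] == wanted }&.first
end

# Same effect as the gist's destroy: only the browser's copy is removed.
def sign_out_cookie_only(_user_id, cookies)
  cookies.delete(:remember_token)
end

# Hypothetical variant: also replace the stored digest so older copies stop matching.
def sign_out_rotating(user_id, cookies)
  USERS[user_id][:remember_token] = digest(SecureRandom.urlsafe_base64)
  cookies.delete(:remember_token)
end

# Does a cookie copied before sign-out still resolve to a user afterwards?
def copied_cookie_valid_after?(sign_out)
  browser = {}
  sign_in(1, browser)
  copy = browser.dup # e.g. a second device holding the same cookie value
  send(sign_out, 1, browser)
  !current_user_id(copy).nil?
end

puts "cookie-only sign-out, copy still valid: #{copied_cookie_valid_after?(:sign_out_cookie_only)}"
puts "rotating sign-out, copy still valid:    #{copied_cookie_valid_after?(:sign_out_rotating)}"
```

With cookie-only sign-out the stored digest is unchanged, so any retained copy of the cookie keeps authenticating until the next sign-in overwrites it.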