# -*- coding: utf-8 -*-
# at_authlogic_basic_setup.rb
#
# See also:
#  http://m.onkey.org/2008/12/4/rails-templates
#  http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup

# 1. Install Authlogic
plugin "authlogic", :git => "git://github.com/binarylogic/authlogic.git"

# 2. Create your UserSession model
file "app/models/user_session.rb", <<-CODE
class UserSession < Authlogic::Session::Base
  # various configuration goes here. see AuthLogic::Session::Config for more details
end
CODE

# 3. Create your UserSessions controller
generate :controller, "user_sessions"
route %|map.resource :user_session|
route %|map.root :controller => "user_sessions", :action => "new"|

file "app/controllers/user_sessions_controller.rb", <<-CODE
class UserSessionsController < ApplicationController
  def new
    @user_session = UserSession.new
  end

  def create
    @user_session = UserSession.new(params[:user_session])
    if @user_session.save
      flash[:notice] = "Login successful!"
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end
  
  def destroy
    current_uesr_session.destroy
    flash[:notice] = "Logout successful!"
    redirect_back_or_default new_user_session_url
  end
end
CODE

# 4. Create and setup your User model
generate :scaffold, "user",\
"login:string",\
"crypted_password:string",\
"password_salt:string",\
"persistence_token:string",\
"login_count:integer",\
"last_request_at:datetime",\
"last_login_at:datetime",\
"current_login_at:datetime",\
"last_login_ip:string",\
"current_login_ip:string"

rake "db:migrate"

file "app/models/user.rb", <<-CODE
class User < ActiveRecord::Base
  acts_as_authentic
end
CODE

# 5. Create your UsersController
route %|map.resource :account, :controller => "users"|
route %|map.resources :users|

file "app/controllers/users_controller.rb", <<-CODE
class UsersController < ApplicationController
  def new
    @user = User.new
  end
  
  def create
    @user = User.new(params[:user])
    if @user.save
      flash[:notice] = "Account registered!"
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end
  
  def show
    @user = @current_user
  end

  def edit
    @user = @current_user
  end
  
  def update
    @user = @current_user
    if @user.update_attributes(params[:user])
      flash[:notice] = "Account updated!"
      redirect_to account_url
    else
      render :action => :edit
    end
  end
end
CODE

# 6. Setup your views

#inside("app/views") do
#  run "mkdir password_resets"
#  run "mkdir user_sessions"
#  run "mkdir users"
#end

file "app/views/layouts/application.html.erb", <<-CODE
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
  <title><%= controller.controller_name %>: <%= controller.action_name %></title>
  <%= stylesheet_link_tag 'scaffold' %>
  <%= javascript_include_tag :defaults %>
</head>
<body>
 
<span style="float: right; text-align: right;"><%= link_to "Source code", "http://github.com/binarylogic/authlogic_example" %> | <%= link_to "Setup tutorial", "http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup" %> | <%= link_to "Password reset tutorial", "http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic" %><br />
<%= link_to "OpenID tutorial", "http://www.binarylogic.com/2008/11/21/tutorial-using-openid-with-authlogic" %> | <%= link_to "Authlogic Repo", "http://github.com/binarylogic/authlogic" %> | <%= link_to "Authlogic Doc", "http://authlogic.rubyforge.org/" %></span>
<h1>Authlogic Example App</h1>
<%= pluralize User.logged_in.count, "user" %> currently logged in<br /> <!-- This based on last_request_at, if they were active < 10 minutes they are logged in -->
<br />
<br />
 
 
<% if !current_user %>
  <%= link_to "Register", new_account_path %> |
  <%= link_to "Log In", new_user_session_path %> |
<% else %>
  <%= link_to "My Account", account_path %> |
  <%= link_to "Logout", user_session_path, :method => :delete, :confirm => "Are you sure you want to logout?" %>
<% end %>
 
<p style="color: green"><%= flash[:notice] %></p>
 
<%= yield %>
 
</body>
</html>
CODE

file "app/views/password_resets/edit.html.erb", <<-CODE
<h1>Change My Password</h1>
 
<% form_for @user, :url => password_reset_path, :method => :put do |f| %>
  <%= f.error_messages %>
  <%= f.label :password %><br />
  <%= f.password_field :password %><br />
  <br />
  <%= f.label :password_confirmation %><br />
  <%= f.password_field :password_confirmation %><br />
  <br />
  <%= f.submit "Update my password and log me in" %>
<% end %>
CODE

file "app/views/password_resets/new.html.erb", <<-CODE
<h1>Forgot Password</h1>
 
Fill out the form below and instructions to reset your password will be emailed to you:<br />
<br />
 
<% form_tag password_resets_path do %>
  <label>Email:</label><br />
  <%= text_field_tag "email" %><br />
  <br />
  <%= submit_tag "Reset my password" %>
<% end %>
CODE

file "app/views/user_sessions/new.html.erb", <<-CODE
<h1>Login</h1>
 
<% form_for @user_session, :url => user_session_path do |f| %>
  <%= f.error_messages %>
  <%= f.label :login %><br />
  <%= f.text_field :login %><br />
  <br />
  <%= f.label :password %><br />
  <%= f.password_field :password %><br />
  <br />
  <%= f.check_box :remember_me %><%= f.label :remember_me %><br />
  <br />
  <%= f.submit "Login" %>
<% end %>
CODE

file "app/views/users/_form.erb", <<-CODE
<%= form.label :login %><br />
<%= form.text_field :login %><br />
<br />
<%= form.label :password, form.object.new_record? ? nil : "Change password" %><br />
<%= form.password_field :password %><br />
<br />
<%= form.label :password_confirmation %><br />
<%= form.password_field :password_confirmation %><br />
CODE

file "app/views/users/edit.html.erb", <<-CODE
<h1>Edit My Account</h1>
 
<% form_for @user, :url => account_path do |f| %>
  <%= f.error_messages %>
  <%= render :partial => "form", :object => f %>
  <%= f.submit "Update" %>
<% end %>
 
<br /><%= link_to "My Profile", account_path %>
CODE

file "app/views/users/new.html.erb", <<-CODE
<h1>Register</h1>
 
<% form_for @user, :url => account_path do |f| %>
  <%= f.error_messages %>
  <%= render :partial => "form", :object => f %>
  <%= f.submit "Register" %>
<% end %>
CODE

file "app/views/users/show.html.erb", <<-CODE
<p>
  <b>Login:</b>
  <%=h @user.login %>
</p>
 
<p>
  <b>Login count:</b>
  <%=h @user.login_count %>
</p>
 
<p>
  <b>Last request at:</b>
  <%=h @user.last_request_at %>
</p>
 
<p>
  <b>Last login at:</b>
  <%=h @user.last_login_at %>
</p>
 
<p>
  <b>Current login at:</b>
  <%=h @user.current_login_at %>
</p>
 
<p>
  <b>Last login ip:</b>
  <%=h @user.last_login_ip %>
</p>
 
<p>
  <b>Current login ip:</b>
  <%=h @user.current_login_ip %>
</p>
 
 
<%= link_to 'Edit', edit_account_path %>
CODE

# 8. Restrict access
file "app/controllers/application_controller.rb", <<-CODE
class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time
  helper_method :current_user_session, :current_user
  protect_from_forgery # See ActionController::RequestForgeryProtection for details

  # Scrub sensitive parameters from your log
  filter_parameter_logging :password, :password_confirmation

  private
    def current_user_session
      return @current_user_session if defined?(@current_user_session)
      @current_user_session = UserSession.find
    end
    
    def current_user
      return @current_user if defined?(@current_user)
      @current_user = current_user_session && current_user_session.record
    end
    
    def require_user
      unless current_user
        store_location
        flash[:notice] = "You must be logged in to access this page"
        redirect_to new_user_session_url
        return false
      end
    end

    def require_no_user
      if current_user
        store_location
        flash[:notice] = "You must be logged out to access this page"
        redirect_to account_url
        return false
      end
    end

    def store_location
      session[:return_to] = request.request_uri
    end

    def redirect_back_or_default(default)
      redirect_to(session[:return_to] || default)
      session[:return_to] = nil
    end
end
CODE

file "app/controllers/user_sessions_controller.rb", <<-CODE
class UserSessionsController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]
  before_filter :require_user, :only => :destroy

  def new
    @user_session = UserSession.new
  end
  
  def create
    @user_session = UserSession.new(params[:user_session])
    @user_session.save do |result|
      if result
        flash[:notice] = "Login successful!"
        redirect_back_or_default account_url
      else
        render :action => :new
      end
    end
  end
  
  def destroy
    current_user_session.destroy
    flash[:notice] = "Logout successful!"
    redirect_back_or_default new_user_session_url
  end
end
CODE

file "app/controllers/users_controller.rb", <<-CODE
class UsersController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]
  before_filter :require_user, :only => [:show, :edit, :update]

  def new
    @user = User.new
  end
  
  def create
    @user = User.new(params[:user])
    if @user.save
      flash[:notice] = "Account registered!"
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end
  
  def show
    @user = @current_user
  end
 
  def edit
    @user = @current_user
  end
  
  def update
    @user = @current_user # makes our views "cleaner" and more consistent
    if @user.update_attributes(params[:user])
      flash[:notice] = "Account updated!"
      redirect_to account_url
    else
      render :action => :edit
    end
  end
end
CODE