Skip to content

Instantly share code, notes, and snippets.

/devise_sessions_new.html.erb

Created May 14, 2011 09:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save anonymous/972058 to your computer and use it in GitHub Desktop.
Save anonymous/972058 to your computer and use it in GitHub Desktop.
Download ZIP
devise routing error
Raw
devise_sessions_new.html.erb
<h2>Sign in</h2>
<%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
<p><%= f.label :login %><br />
<%= f.text_field :login %></p>
<p><%= f.label :password %><br />
<%= f.password_field :password %></p>
<% if devise_mapping.rememberable? -%>
<p><%= f.check_box :remember_me %> <%= f.label :remember_me %></p>
<% end -%>
<p><%= f.submit "Sign in" %></p>
<% end %>
<%= render :partial => "devise/shared/links" %>
Raw
routes.rb
Sotaca::Application.routes.draw do
devise_for :users
resources :categories
resources :products do
resources :assets
end
resources :assets
resources :sessions
resources :users
match 'index' => "pages#index"
match 'home' => "pages#home"
match 'just_in' => "pages#just_in"
match 'info' => "pages#info"
match 'our_story' => "pages#our_story"
match 'contact' => "pages#contact"
match 'terms' => "pages#terms"
match 'press' => "pages#press"
match 'whole_sale' => "pages#whole_sale"
match 'blog' => "pages#blog"
# The priority is based upon order of creation:
# first created -> highest priority.
# Sample of regular route:
# match 'products/:id' => 'catalog#view'
# Keep in mind you can assign values other than :controller and :action
# Sample of named route:
# match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
# This route can be invoked with purchase_url(:id => product.id)
# Sample resource route (maps HTTP verbs to controller actions automatically):
# resources :products
# Sample resource route with options:
# resources :products do
# member do
# get 'short'
# post 'toggle'
# end
#
# collection do
# get 'sold'
# end
# end
# Sample resource route with sub-resources:
# resources :products do
# resources :comments, :sales
# resource :seller
# end
# Sample resource route with more complex sub-resources
# resources :products do
# resources :comments
# resources :sales do
# get 'recent', :on => :collection
# end
# end
# Sample resource route within a namespace:
# namespace :admin do
# # Directs /admin/products/* to Admin::ProductsController
# # (app/controllers/admin/products_controller.rb)
# resources :products
# end
# You can have the root of your site routed with "root"
# just remember to delete public/index.html.
root :to => "pages#index"
# See how all your routes lay out with "rake routes"
# This is a legacy wild controller route that's not recommended for RESTful applications.
# Note: This route will make all actions in every controller accessible via GET requests.
# match ':controller(/:action(/:id(.:format)))'
end
Raw
sessions_controller.rb
class SessionsController < ApplicationController
def new
end
def create
user = User.authenticate(params[:login], params[:password])
if user
session[:user_id] = user.id
flash[:notice] = "Logged in successfully."
redirect_to_target_or_default("/")
else
flash.now[:error] = "Invalid login or password."
render :action => 'new'
end
end
def destroy
session[:user_id] = nil
flash[:notice] = "You have been logged out."
redirect_to "/"
end
end
Raw
user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable, :confirmable,
:recoverable, :rememberable, :trackable, :validatable
attr_accessor :login
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me
# new columns need to be added here to be writable through mass assignment
attr_accessible :username, :email, :password, :password_confirmation, :login
has_and_belongs_to_many :roles
validates_presence_of :username
validates_uniqueness_of :username, :email, :allow_blank => true
validates_format_of :username, :with => /^[-\w\._@]+$/i, :allow_blank => true, :message => "should only contain letters, numbers, or .-_@"
validates_format_of :email, :with => /^[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
validates_presence_of :password, :on => :create
validates_confirmation_of :password
validates_length_of :password, :minimum => 4, :allow_blank => true
# login can be either username or email address
def self.authenticate(login, pass)
user = find_by_username(login) || find_by_email(login)
return user if user && user.matching_password?(pass)
end
def matching_password?(pass)
self.password_hash == encrypt_password(pass)
end
protected
def self.find_for_authentication(conditions={})
if conditions[:login] =~ /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i # email regex
conditions[:email] = conditions[:login]
conditions.delete("login")
end
super
end
# Attempt to find a user by it's email. If a record is found, send new
# password instructions to it. If not user is found, returns a new user
# with an email not found error.
def self.send_reset_password_instructions(attributes={})
recoverable = find_recoverable_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
recoverable.send_reset_password_instructions if recoverable.persisted?
recoverable
end
def self.find_recoverable_or_initialize_with_errors(required_attributes, attributes, error=:invalid)
(case_insensitive_keys || []).each { |k| attributes[k].try(:downcase!) }
attributes = attributes.slice(*required_attributes)
attributes.delete_if { |key, value| value.blank? }
if attributes.size == required_attributes.size
if attributes.has_key?(:login)
login = attributes.delete(:login)
record = find_record(login)
else
record = where(attributes).first
end
end
unless record
record = new
required_attributes.each do |key|
value = attributes[key]
record.send("#{key}=", value)
record.errors.add(key, value.present? ? error : :blank)
end
end
record
end
def self.find_record(login)
where(["username = :value OR email = :value", { :value => login }]).first
end
private
def prepare_password
unless password.blank?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = encrypt_password(password)
end
end
def encrypt_password(pass)
BCrypt::Engine.hash_secret(pass, password_salt)
end
end
Raw
users_controller.rb
class UsersController < ApplicationController
before_filter :get_user, :only => [:index,:new,:edit]
before_filter :accessible_roles, :only => [:new, :edit, :show, :update, :create]
load_and_authorize_resource :only => [:show,:new,:destroy,:edit,:update]
# GET /users
# GET /users.xml
# GET /users.json HTML and AJAX
#-----------------------------------------------------------------------
def index
@users = User.accessible_by(current_ability, :index).limit(20)
respond_to do |format|
format.json { render :json => @users }
format.xml { render :xml => @users }
format.html
end
end
# GET /users/new
# GET /users/new.xml
# GET /users/new.json HTML AND AJAX
#-------------------------------------------------------------------
def new
respond_to do |format|
format.json { render :json => @user }
format.xml { render :xml => @user }
format.html
end
end
# GET /users/1
# GET /users/1.xml
# GET /users/1.json HTML AND AJAX
#-------------------------------------------------------------------
def show
respond_to do |format|
format.json { render :json => @user }
format.xml { render :xml => @user }
format.html
end
rescue ActiveRecord::RecordNotFound
respond_to_not_found(:json, :xml, :html)
end
# GET /users/1/edit
# GET /users/1/edit.xml
# GET /users/1/edit.json HTML AND AJAX
#-------------------------------------------------------------------
def edit
respond_to do |format|
format.json { render :json => @user }
format.xml { render :xml => @user }
format.html
end
rescue ActiveRecord::RecordNotFound
respond_to_not_found(:json, :xml, :html)
end
# DELETE /users/1
# DELETE /users/1.xml
# DELETE /users/1.json HTML AND AJAX
#-------------------------------------------------------------------
def destroy
@user.destroy!
respond_to do |format|
format.json { respond_to_destroy(:ajax) }
format.xml { head :ok }
format.html { respond_to_destroy(:html) }
end
rescue ActiveRecord::RecordNotFound
respond_to_not_found(:json, :xml, :html)
end
# POST /users
# POST /users.xml
# POST /users.json HTML AND AJAX
#-----------------------------------------------------------------
def create
@user = User.new(params[:user])
if @user.save
respond_to do |format|
format.json { render :json => @user.to_json, :status => 200 }
format.xml { head :ok }
format.html { redirect_to :action => :index }
end
else
respond_to do |format|
format.json { render :text => "Could not create user", :status => :unprocessable_entity } # placeholder
format.xml { head :ok }
format.html { render :action => :new, :status => :unprocessable_entity }
end
end
end
# Get roles accessible by the current user
#----------------------------------------------------
def accessible_roles
@accessible_roles = Role.accessible_by(current_ability,:read)
end
# Make the current user object available to views
#----------------------------------------
def get_user
@current_user = current_user
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment