
@haldun
Created October 11, 2011 19:28
rails auth scaffold
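# Base controller: enables CSRF protection and resolves the signed-in user
# from the signed :auth_token cookie.
class ApplicationController < ActionController::Base
  protect_from_forgery
  helper_method :current_user

  # Returns the User whose auth_token matches the signed :auth_token cookie,
  # memoized in @current_user, or nil when nobody is signed in.
  def current_user
    return @current_user if @current_user

    # cookies.signed yields nil when the cookie is absent or its signature does
    # not verify. Gate the lookup on the verified value instead of the raw
    # cookie, so a tampered cookie never becomes a lookup by nil (which would
    # match any row whose auth_token is NULL).
    token = cookies.signed[:auth_token]
    @current_user = User.find_by_auth_token(token) if token.present?
  end

  # Redirects to the login page unless a user is signed in.
  def authenticate_user!
    redirect_to login_url unless current_user
  end
end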
# Generate the User model and the controllers for sign-up and sessions.
# auth_token is created as a plain string column: this command adds no index
# and no uniqueness constraint on it.
rails generate model user email:string password_digest:string auth_token:string
rails generate controller users new create
rails generate controller sessions create
# Apply the generated migration.
rake db:migrate
<%# Account links for the layout: shows the signed-in user's email, or sign-up / log-in links. %>
<%# The log-out link has no :method option, so it issues a plain GET to logout_path. %>
<% if current_user %>
Logged in as <%= current_user.email %>.
<%= link_to "Log out", logout_path %>
<% else %>
<%= link_to "Sign up", signup_path %> or
<%= link_to "log in", login_path %>.
<% end %>
# Account record. Password handling comes from has_secure_password; every new
# record also receives a random auth_token, which the controllers store in a
# signed cookie.
class User < ActiveRecord::Base
  has_secure_password

  # Mass assignment is limited to these attributes; password_digest and
  # auth_token are not in the list.
  attr_accessible :email, :password, :password_confirmation

  before_create { generate_token(:auth_token) }

  # Assigns a fresh SecureRandom.urlsafe_base64 value to +column+, drawing
  # again while another User row already holds the same value.
  #
  # NOTE(review): the exists? check and the later INSERT are separate steps, so
  # uniqueness is not guaranteed by this loop alone; a unique index on the
  # column would enforce it. The token is only set on create in this class.
  def generate_token(column)
    loop do
      self[column] = SecureRandom.urlsafe_base64
      break unless User.exists?(column => self[column])
    end
  end

  # A user is displayed as its email address.
  def to_s
    email
  end
end
# Named routes for the auth flow, followed by the resource routes.
# NOTE(review): logout is reachable by GET, and protect_from_forgery does not
# verify GET requests, so a cross-site request can end the user's session.
# A DELETE route, with :method => :delete on the link, avoids that.
get "logout" => "sessions#destroy", :as => "logout"
get "login" => "sessions#new", :as => "login"
get "signup" => "users#new", :as => "signup"
# NOTE(review): `resources` maps all seven REST actions; the controllers on this
# page define only a few of them, so :only => [...] would narrow the routes.
resources :users
resources :sessions
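# Logs users in and out by setting or clearing the signed :auth_token cookie.
class SessionsController < ApplicationController
  # Renders the login form.
  def new
  end

  # Verifies the submitted email and password. On success stores the user's
  # auth_token in a signed cookie (a permanent one when "remember me" is
  # ticked) and redirects to the root URL; on failure re-renders the form.
  def create
    user = User.find_by_email(params[:email])
    if user && user.authenticate(params[:password])
      jar = params[:remember_me] ? cookies.signed.permanent : cookies.signed
      # HttpOnly keeps the login token out of reach of page scripts.
      # NOTE(review): add :secure => true once the app is served only over HTTPS.
      jar[:auth_token] = { :value => user.auth_token, :httponly => true }
      redirect_to root_url
    else
      # One message for both an unknown email and a wrong password, so the
      # response does not reveal which addresses have accounts.
      flash.now.alert = "Invalid email or password"
      render :new
    end
  end

  # Removes the cookie from this browser and redirects to the root URL.
  # The user's stored auth_token is not changed here, so any other copy of
  # the cookie remains valid after logout.
  def destroy
    cookies.delete :auth_token
    redirect_to root_url, :notice => "Logged out successfully."
  end
end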
<%# Login form: posts email, password and the optional remember_me flag to sessions_path. %>
<%# The email field is refilled from params after a failed attempt; the password field is not. %>
<h1>Log in</h1>
<%= form_tag sessions_path do %>
<p>
<%= label_tag :email %><br />
<%= text_field_tag :email, params[:email] %>
</p>
<p>
<%= label_tag :password %><br />
<%= password_field_tag :password %>
</p>
<div class="field">
<%= check_box_tag :remember_me, 1, params[:remember_me] %>
<%= label_tag :remember_me %>
</div>
<p class="button"><%= submit_tag "Log in" %></p>
<% end %>
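# Sign-up: creates the account and signs the new user in straight away.
class UsersController < ApplicationController
  # NOTE(review): `expose` is not defined on this page (presumably the
  # decent_exposure gem); how `user` is built from the request parameters is
  # not visible here, so confirm it only takes the attributes User allows.
  expose :user

  # Renders the sign-up form.
  def new
  end

  # Saves the exposed user. On success stores its auth_token in a permanent
  # signed cookie and redirects to the root URL; otherwise re-renders the form
  # with the validation errors.
  def create
    if user.save
      # HttpOnly keeps the login token out of reach of page scripts.
      # NOTE(review): add :secure => true once the app is served only over HTTPS.
      cookies.signed.permanent[:auth_token] = { :value => user.auth_token, :httponly => true }
      redirect_to root_url, :notice => "Signed up!"
    else
      render :new
    end
  end
end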
<%# Sign-up form for the exposed `user`: email, password and password confirmation. %>
<h1>Sign up</h1>
<%= form_for user do |f| %>
<%# Validation errors from a failed save are listed above the fields. %>
<% if user.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% for message in user.errors.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :email %>
<%= f.text_field :email %>
</div>
<div class="field">
<%= f.label :password %>
<%= f.password_field :password %>
</div>
<div class="field">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation %>
</div>
<div class="actions"><%= f.submit %></div>
<% end %>