stan/bookstore
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

notices, password recovery corner cases and UI changes

Browse source
This commit is contained in:
Karol Selak 2021-03-21 12:41:21 +01:00
parent dace874f4f
commit a69df8e658
14 changed files with 49 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/sessions_controller.rb
View file

@ -12,7 +12,7 @@ class SessionsController < ApplicationController
def delete def delete
session.delete(:user_id) session.delete(:user_id)
redirect_to '/welcome' redirect_to '/welcome', notice: 'Logged out properly'
end end
def welcome def welcome

13
app/controllers/users_controller.rb
View file

@ -6,12 +6,13 @@ class UsersController < ApplicationController
def create def create
@user = User.create(params.require(:user).permit(:email, :password)) @user = User.create(params.require(:user).permit(:email, :password))
session[:user_id] = @user.id session[:user_id] = @user.id
redirect_to '/welcome' redirect_to '/welcome', notice: 'Account has been created'
end end
def password_recovery_request def password_recovery_request
@user = User.where(email: params['email']).first @user = User.where(email: params['email']).first
UserMailer.with(user: @user).password_recovery.deliver_now UserMailer.with(user: @user).password_recovery.deliver_now
redirect_to '/welcome', notice: "Recovery email sent to #{params['email']}"
end end
def password_recovery_request_form def password_recovery_request_form
@ -24,13 +25,17 @@ class UsersController < ApplicationController
def recover_password def recover_password
user = User.find(params[:user_id]) user = User.find(params[:user_id])
if user.authenticate_recovery_password(params[:recovery_password]) if user.recovery_password_digest && user.authenticate_recovery_password(params[:recovery_password])
user.password = params[:password] user.password = params[:password]
user.password_confirmation = params[:password_confirmation] user.password_confirmation = params[:password_confirmation]
user.recovery_password_digest = nil
if user.save if user.save
redirect_to '/welcome' user.update(recovery_password: nil)
redirect_to '/welcome', notice: 'Password changed'
else
redirect_to '/welcome', notice: 'Passwords don\'t match'
end end
else
redirect_to '/welcome', notice: 'Recovery link expired or unvalid'
end end
end end
end end

8
app/views/layouts/application.html.erb
View file

@ -2,7 +2,7 @@
<html> <html>
<head> <head>
<title>Book store</title> <title>Book store</title>
<meta name="viewport" content="width=device-width,initial-scale=1"> <meta name='viewport' content='width=device-width,initial-scale=1'>
<%= csrf_meta_tags %> <%= csrf_meta_tags %>
<%= csp_meta_tag %> <%= csp_meta_tag %>
@ -11,6 +11,12 @@
</head> </head>
<body> <body>
<%= link_to 'Home', '/welcome', method: :get%>
<% flash.each do |type, msg| %>
<div class='card-panel teal lighten-5'>
<%= msg %>
</div>
<% end %>
<%= yield %> <%= yield %>
</body> </body>
</html> </html>

2
app/views/sessions/create.html.erb
View file

@ -1,2 +0,0 @@
<h3>Sessions#create</h3>
<p>Find me in app/views/sessions/create.html.erb</p>

6
app/views/sessions/new.html.erb
View file

@ -1,9 +1,9 @@
<h3>Login</h3> <h4>Login</h4>
<%= form_tag '/login' do %> <%= form_tag '/login' do %>
<%= label_tag :email%> <%= label_tag :email%>
<%= text_field_tag :email %> <%= text_field_tag :email %>
<%= label_tag :password%> <%= label_tag :password%>
<%= password_field_tag :password%> <%= password_field_tag :password%>
<%= submit_tag "Login"%> <%= submit_tag "Login", class: 'btn' %>
<%end%> <%end%>
<%= button_to "Password recovery", '/password_recovery_request', method: :get%> <%= link_to "Password recovery", '/password_recovery_request', method: :get%>

10
app/views/sessions/welcome.html.erb
View file

@ -1,8 +1,8 @@
<h3>Welcome</h3> <h4>Welcome</h4>
<% if logged_in? %> <% if logged_in? %>
You are Logged In, <%= current_user.email %> You are Logged In, <%= current_user.email %>
<%= button_to "Logout", '/logout', method: :get%> <%= button_to "Logout", '/logout', method: :get%>
<%else%> <% else %>
<%= button_to "Login", '/login', method: :get%> <%= button_to "Login", '/login', method: :get, class: 'btn'%>
<%= button_to "Sign Up", '/users/new', method: :get%> <%= button_to "Sign Up", '/users/new', method: :get, class: 'btn'%>
<%end%> <% end %>

2
app/views/users/create.html.erb
View file

@ -1,2 +0,0 @@
<h3>Users#create</h3>
<p>Find me in app/views/users/create.html.erb</p>

12
app/views/users/new.html.erb
View file

@ -1,8 +1,8 @@
<h3>Sign Up</h3> <h4>Sign Up</h4>
<%= form_for @user do |f|%> <%= form_for @user do |f|%>
<%= f.label :email%><br> <%= f.label :email%>
<%= f.text_field :email%><br> <%= f.text_field :email%>
<%= f.label :password%><br> <%= f.label :password%>
<%= f.password_field :password%><br> <%= f.password_field :password%>
<%= f.submit %> <%= f.submit 'Sign up', class: 'btn' %>
<%end%> <%end%>

1
app/views/users/password_recovery_request.erb
View file

@ -1 +0,0 @@
Recovery email sent.

9
app/views/users/password_recovery_request_form.erb
View file

@ -1,4 +1,7 @@
<%= form_with url: "/password_recovery_request", method: :post do |form| %> <h4>Password recovery</h4>
<%= form.text_field :email %> Provide an email to password recovery
<%= form.submit "Send email" %> <%= form_with url: "/password_recovery_request", method: :post do |f| %>
<%= f.label :email%><br>
<%= f.text_field :email %>
<%= f.submit 'Send email', class: 'btn' %>
<% end %> <% end %>

16
app/views/users/recover_password_form.html.erb
View file

@ -1,9 +1,11 @@
Recover password <h4>Provide new password</h4>
<%= form_with url: "/recover_password", method: :post do |form| %> <%= form_with url: '/recover_password', method: :post do |f| %>
<%= form.password_field :password %> <%= f.label :password%>
<%= form.password_field :password_confirmation %> <%= f.password_field :password %>
<%= form.hidden_field :recovery_password, :value => @recovery_password %> <%= f.label :password_confirmation%>
<%= form.hidden_field :user_id, :value => @user_id %> <%= f.password_field :password_confirmation %>
<%= form.submit "Change password" %> <%= f.hidden_field :recovery_password, :value => @recovery_password %>
<%= f.hidden_field :user_id, :value => @user_id %>
<%= f.submit 'Change password', class: 'btn' %>
<% end %> <% end %>

2
public/404.html
View file

@ -58,7 +58,7 @@
<!-- This file lives in public/404.html --> <!-- This file lives in public/404.html -->
<div class="dialog"> <div class="dialog">
<div> <div>
<h3>The page you were looking for doesn't exist.</h3> <h4>The page you were looking for doesn't exist.</h4>
<p>You may have mistyped the address or the page may have moved.</p> <p>You may have mistyped the address or the page may have moved.</p>
</div> </div>
<p>If you are the application owner check the logs for more information.</p> <p>If you are the application owner check the logs for more information.</p>

2
public/422.html
View file

@ -58,7 +58,7 @@
<!-- This file lives in public/422.html --> <!-- This file lives in public/422.html -->
<div class="dialog"> <div class="dialog">
<div> <div>
<h3>The change you wanted was rejected.</h3> <h4>The change you wanted was rejected.</h4>
<p>Maybe you tried to change something you didn't have access to.</p> <p>Maybe you tried to change something you didn't have access to.</p>
</div> </div>
<p>If you are the application owner check the logs for more information.</p> <p>If you are the application owner check the logs for more information.</p>

2
public/500.html
View file

@ -58,7 +58,7 @@
<!-- This file lives in public/500.html --> <!-- This file lives in public/500.html -->
<div class="dialog"> <div class="dialog">
<div> <div>
<h3>We're sorry, but something went wrong.</h3> <h4>We're sorry, but something went wrong.</h4>
</div> </div>
<p>If you are the application owner check the logs for more information.</p> <p>If you are the application owner check the logs for more information.</p>
</div> </div>