To use role_requirement, the prerequisite is to install the restful_authentication plugin. These are the 3 steps that I took to achieve a succesful installation.
Step 1 - Grab the plugin from github.com
chee@ibm4linux:~/workspace/crm4test$ script/plugin install git://github.com/technoweenie/restful-authentication.git
Result
Initialized empty Git repository in /home/chee/workspace/crm4test/vendor/plugins/restful-authentication/.git/
remote: Counting objects: 89, done.
remote: Compressing objects: 100% (77/77), done.
remote: Total 89 (delta 5), reused 31 (delta 2)
Unpacking objects: 100% (89/89), done.
From git://github.com/technoweenie/restful-authentication
* branch HEAD -> FETCH_HEAD
Step 2 - Generate user and sessions controllers
chee@ibm4linux:~/workspace/crm4test$ script/generate authenticated user sessions
This is what you will see in the command line editor (in Ubuntu 9.04, a Gnome Terminal Window)
Ready to generate.
----------------------------------------------------------------------
Once finished, don't forget to:
- Add routes to these resources. In config/routes.rb, insert routes like:
map.signup '/signup', :controller => 'users', :action => 'new'
map.login '/login', :controller => 'sessions', :action => 'new'
map.logout '/logout', :controller => 'sessions', :action => 'destroy'
CCH : No need to do so as the latest version automatically includes these routes to routes.rb
----------------------------------------------------------------------
We've create a new site key in config/initializers/site_keys.rb. If you have existing
user accounts their passwords will no longer work (see README). As always,
keep this file safe but don't post it in public.
----------------------------------------------------------------------
exists app/models/
exists app/controllers/
exists app/controllers/
exists app/helpers/
create app/views/sessions
exists app/controllers/
exists app/helpers/
create app/views/users
exists config/initializers
exists test/functional/
exists test/functional/
exists test/unit/
exists test/fixtures/
create app/models/user.rb
create app/controllers/sessions_controller.rb
create app/controllers/users_controller.rb
create lib/authenticated_system.rb
create lib/authenticated_test_helper.rb
create config/initializers/site_keys.rb
create test/functional/sessions_controller_test.rb
create test/functional/users_controller_test.rb
create test/unit/user_test.rb
create test/fixtures/users.yml
create app/helpers/sessions_helper.rb
create app/helpers/users_helper.rb
create app/views/sessions/new.html.erb
create app/views/users/new.html.erb
create app/views/users/_user_bar.html.erb
exists db/migrate
create db/migrate/20090831032706_create_users.rb
route map.resource :session
route map.resources :users
route map.signup '/signup', :controller => 'users', :action => 'new'
route map.register '/register', :controller => 'users', :action => 'create'
route map.login '/login', :controller => 'sessions', :action => 'new'
route map.logout '/logout', :controller => 'sessions', :action => 'destroy'
Step 3 - Modify the Project Database
chee@ibm4linux:~/workspace/crm4test$ rake db:migrate
(in /home/chee/workspace/crm4test)
== CreateUsers: migrating ====================================================
-- create_table("users", {:force=>true})
-> 0.0074s
-- add_index(:users, :login, {:unique=>true})
-> 0.0374s
== CreateUsers: migrated (0.0464s) ===========================================
You may be interested to look at the contents of the migration file as follows :-
class CreateUsers < ActiveRecord::Migration
def self.up
create_table "users", :force => true do |t|
t.column :login, :string, :limit => 40
t.column :name, :string, :limit => 100, :default => '', :null => true
t.column :email, :string, :limit => 100
t.column :crypted_password, :string, :limit => 40
t.column :salt, :string, :limit => 40
t.column :created_at, :datetime
t.column :updated_at, :datetime
t.column :remember_token, :string, :limit => 40
t.column :remember_token_expires_at, :datetime
end
add_index :users, :login, :unique => true
end
def self.down
drop_table "users"
end
end
The Generated User & Sessions Controllers
User.rb
class UsersController < ApplicationController
# Be sure to include AuthenticationSystem in Application Controller instead
include AuthenticatedSystem
# render new.rhtml
def new
@user = User.new
end
def create
logout_keeping_session!
@user = User.new(params[:user])
success = @user && @user.save
if success && @user.errors.empty?
# Protects against session fixation attacks, causes request forgery
# protection if visitor resubmits an earlier form using back
# button. Uncomment if you understand the tradeoffs.
# reset session
self.current_user = @user # !! now logged in
redirect_back_or_default('/')
flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
else
flash[:error] = "We couldn't set up that account, sorry. Please try again, or contact an admin (link is above)."
render :action => 'new'
end
end
end
sessions.rb
# This controller handles the login/logout function of the site.
class SessionsController < ApplicationController
# Be sure to include AuthenticationSystem in Application Controller instead
include AuthenticatedSystem
# render new.rhtml
def new
end
def create
logout_keeping_session!
user = User.authenticate(params[:login], params[:password])
if user
# Protects against session fixation attacks, causes request forgery
# protection if user resubmits an earlier form using back
# button. Uncomment if you understand the tradeoffs.
# reset_session
self.current_user = user
new_cookie_flag = (params[:remember_me] == "1")
handle_remember_cookie! new_cookie_flag
redirect_back_or_default('/')
flash[:notice] = "Logged in successfully"
else
note_failed_signin
@login = params[:login]
@remember_me = params[:remember_me]
render :action => 'new'
end
end
def destroy
logout_killing_session!
flash[:notice] = "You have been logged out."
redirect_back_or_default('/')
end
protected
# Track failed login attempts
def note_failed_signin
flash[:error] = "Couldn't log you in as '#{params[:login]}'"
logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
end
end
No comments:
Post a Comment