user authenitcation and logout and stuff

app/assets/javascripts/application.js

@@ -10,6 +10,8 @@
 // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
 // about supported directives.
 //
-//= require rails-ujs
+//= require jquery
+//= require jquery_ujs
+//= require bootstrap
 //= require turbolinks
 //= require_tree .

app/assets/javascripts/sessions.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/stylesheets/sessions.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/application_controller.rb

@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
+  include SessionsHelper
 
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,20 @@
+class SessionsController < ApplicationController
+  def new
+  end
+
+  def create
+    user = User.find_by(email: params[:session][:email].downcase)
+    if user && user.authenticate(params[:session][:password])
+      log_in(user)
+      redirect_to user
+    else
+      flash.now[:danger] = 'Invalid email / password combo. Sorry man that sucks.'
+      render 'new'
+    end
+  end
+
+  def destroy
+    log_out
+    redirect_to root_url
+  end
+end

app/controllers/users_controller.rb

@@ -11,6 +11,7 @@ def new
   def create
     @user = User.new(user_params)
     if @user.save
+      log_in @user
       flash[:success] = "Welcome to the Sample App!"
       redirect_to @user
     else

app/helpers/sessions_helper.rb

@@ -0,0 +1,20 @@
+module SessionsHelper
+
+  def log_in(user)
+    session[:user_id] = user.id
+  end
+
+  def current_user
+    @current_user ||= User.find_by(id: session[:user_id])
+  end
+
+  def logged_in?
+    !current_user.nil?
+  end
+
+  def log_out
+    session.delete(:user_id)
+    @current_user = nil
+  end
+
+end

app/models/user.rb

@@ -15,8 +15,14 @@ class User < ApplicationRecord
 
 
 
-def downcase_email
-  self.email = email.downcase if email
-end
+  def downcase_email
+    self.email = email.downcase if email
+  end
+
+  def User.digest(string)
+    cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :
+                                                  BCrypt::Engine.cost
+    BCrypt::Password.create(string, cost: cost)
+  end
 
 end

app/views/layouts/_header.html.erb

@@ -1,11 +1,28 @@
 <header class="navbar navbar-fixed-top navbar-inverse">
   <div class="container">
-  <%= link_to "sample app", root_path, id: "logo" %>
+    <%= link_to "sample app", root_path, id: "logo" %>
     <nav>
       <ul class="nav navbar-nav navbar-right">
         <li><%= link_to "Home", root_path %></li>
-        <li><%= link_to "Help",   help_path %></li>
-        <li><%= link_to "Log in", '#' %></li>
+        <li><%= link_to "Help", help_path %></li>
+        <% if logged_in? %>
+          <li><%= link_to "Users", '#' %></li>
+          <li class="dropdown">
+            <a href="#" class="dropdown-toggle" data-toggle="dropdown">
+              Account <b class="caret"></b>
+            </a>
+            <ul class="dropdown-menu">
+              <li><%= link_to "Profile", current_user %></li>
+              <li><%= link_to "Settings", '#' %></li>
+              <li class="divider"></li>
+              <li>
+                <%= link_to "Log out", logout_path, method: :delete %>
+              </li>
+            </ul>
+          </li>
+        <% else %>
+          <li><%= link_to "Log in", login_path %></li>
+        <% end %>
       </ul>
     </nav>
   </div>

app/views/sessions/new.html.erb

@@ -0,0 +1,19 @@
+<% provide(:title, "Log in") %>
+<h1>Log in</h1>
+
+<div class="row">
+  <div class="col-md-6 col-md-offset-3">
+    <%= form_for(:session, url: login_path) do |f| %>
+
+      <%= f.label :email %>
+      <%= f.email_field :email, class: 'form-control' %>
+
+      <%= f.label :password %>
+      <%= f.password_field :password, class: 'form-control' %>
+
+      <%= f.submit "Log in", class: "btn btn-primary" %>
+    <% end %>
+
+    <p>New user? <%= link_to "Sign up now!", signup_path %></p>
+  </div>
+</div>

config/routes.rb

@@ -1,10 +1,15 @@
 Rails.application.routes.draw do
-  root  'static_pages#home'
-  get   '/help',    to: 'static_pages#help'
-  get   '/about',   to: 'static_pages#about'
-  get   '/contact', to: 'static_pages#contact'
-  get   '/signup',   to: 'users#new'
-  post  '/signup',  to: 'users#create'
+  get 'sessions/new'
+
+  root     'static_pages#home'
+  get      '/help',             to: 'static_pages#help'
+  get      '/about',            to: 'static_pages#about'
+  get      '/contact',          to: 'static_pages#contact'
+  get      '/signup',           to: 'users#new'
+  post     '/signup',           to: 'users#create'
+  get      '/login',            to: 'sessions#new'
+  post     '/login',            to: 'sessions#create'
+  delete   '/logout',           to: 'sessions#destroy'
 
   resources :users
 end

spec/controllers/sessions_controller_spec.rb

@@ -0,0 +1,12 @@
+require 'rails_helper'
+
+RSpec.describe SessionsController, type: :controller do
+
+  describe "GET #new" do
+    it "returns http success" do
+      get :new
+      expect(response).to have_http_status(:success)
+    end
+  end
+
+end

spec/factories/users.rb

@@ -2,6 +2,6 @@
   factory :user do
     email { Faker::Internet.email }
     name  { Faker::Name.name }
-    password { Faker::Internet.password }
+    password { User.digest(Faker::Internet.password) }
   end
 end

spec/helpers/sessions_helper_spec.rb

@@ -0,0 +1,15 @@
+require 'rails_helper'
+
+# Specs in this file have access to a helper object that includes
+# the SessionsHelper. For example:
+#
+# describe SessionsHelper do
+#   describe "string concat" do
+#     it "concats two strings with spaces" do
+#       expect(helper.concat_strings("this","that")).to eq("this that")
+#     end
+#   end
+# end
+RSpec.describe SessionsHelper, type: :helper do
+  pending "add some examples to (or delete) #{__FILE__}"
+end

spec/requests/users_logins_spec.rb

@@ -0,0 +1,25 @@
+require 'rails_helper'
+
+RSpec.describe "UserLogin", type: :request do
+  let(:user) { FactoryGirl.create(:user) }
+
+  describe "GET /login" do
+    it "only shows flash error message once" do
+      get login_path
+      expect(response).to render_template(:new)
+      post login_path, params: { session: { email: "", password: "" } }
+      expect(response).to render_template(:new)
+      expect(flash[:danger]).to be
+      get root_path
+      expect(flash[:danger]).to_not be
+    end
+
+    it "logs user in with valid info" do
+      get login_path
+      post login_path, params: {session: { email: user.email,
+                                           password:
+                                           user.password } }
+      expect(response).to have_http_status(302)
+    end
+  end
+end

spec/requests/users_signups_spec.rb

@@ -22,6 +22,7 @@
                                          password:              user.password,
                                          password_confirmation: user.password } }
       expect(before_count).to_not equal User.count
+      #expect(is_logged_in?).to be true
     end
   end
 end

spec/spec_helper.rb

@@ -15,6 +15,11 @@
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
+
+  # Returns true if a test user is logged in.
+  def is_logged_in?
+    !session[:user_id].nil?
+  end
   # rspec-expectations config goes here. You can use an alternate
   # assertion/expectation library such as wrong or the stdlib/minitest
   # assertions if you prefer.

spec/views/sessions/new.html.erb_spec.rb

@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe "sessions/new.html.erb", type: :view do
+  pending "add some examples to (or delete) #{__FILE__}"
+end