Add authentication

src/Gemfile

@@ -34,6 +34,11 @@ gem 'jbuilder', '~> 2.5'
 # Use Bootstrap
 gem 'bootstrap-sass', '~> 3.3.7'
 
+# Use sorcery for authentication
+gem 'sorcery'
+# Used for email validation
+gem 'validates_email_format_of'
+
 # Use Capistrano for deployment
 # gem 'capistrano-rails', group: :development
 

src/Gemfile.lock

@@ -41,6 +41,7 @@ GEM
     arel (7.1.4)
     autoprefixer-rails (6.7.2)
       execjs
+    bcrypt (3.1.11)
     bootstrap-sass (3.3.7)
       autoprefixer-rails (>= 5.2.1)
       sass (>= 3.3.4)
@@ -57,6 +58,8 @@ GEM
     debug_inspector (0.0.2)
     erubis (2.7.0)
     execjs (2.7.0)
+    faraday (0.10.1)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.17)
     globalid (0.3.7)
       activesupport (>= 4.1.0)
@@ -68,6 +71,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    jwt (1.5.6)
     listen (3.0.8)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -82,9 +86,18 @@ GEM
     mini_portile2 (2.1.0)
     minitest (5.10.1)
     multi_json (1.12.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (1.2.1)
     nokogiri (1.7.0.1)
       mini_portile2 (~> 2.1.0)
+    oauth (0.5.1)
+    oauth2 (1.3.0)
+      faraday (>= 0.8, < 0.11)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
     pg (0.19.0)
     puma (3.6.2)
     rack (2.0.1)
@@ -128,6 +141,10 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
+    sorcery (0.10.2)
+      bcrypt (~> 3.1)
+      oauth (~> 0.4, >= 0.4.4)
+      oauth2 (~> 1.0, >= 0.8.0)
     spring (2.0.1)
       activesupport (>= 4.2)
     spring-watcher-listen (2.0.1)
@@ -151,6 +168,8 @@ GEM
       thread_safe (~> 0.1)
     uglifier (3.0.4)
       execjs (>= 0.3.0, < 3)
+    validates_email_format_of (1.6.3)
+      i18n
     web-console (3.4.0)
       actionview (>= 5.0)
       activemodel (>= 5.0)
@@ -176,12 +195,14 @@ DEPENDENCIES
   rails-controller-testing
   rake (~> 12.0.0)
   sass-rails (~> 5.0)
+  sorcery
   spring
   spring-watcher-listen (~> 2.0.0)
   sqlite3
   turbolinks (~> 5)
   tzinfo-data
   uglifier (>= 1.3.0)
+  validates_email_format_of
   web-console (>= 3.3.0)
 
 BUNDLED WITH

src/app/assets/javascripts/dashboard.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

src/app/assets/javascripts/sessions.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

src/app/assets/javascripts/users.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

src/app/assets/stylesheets/dashboard.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Dashboard controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

src/app/assets/stylesheets/sessions.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

src/app/assets/stylesheets/users.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the User controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

src/app/controllers/application_controller.rb

@@ -1,3 +1,10 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
+  before_action :require_login
+
+  private
+  def not_authenticated
+    flash[:warning] = 'You have to authenticate to access this page.'
+    redirect_to sign_in_path
+  end
 end

src/app/controllers/dashboard_controller.rb

@@ -0,0 +1,4 @@
+class DashboardController < ApplicationController
+  def index
+  end
+end

src/app/controllers/sessions_controller.rb

@@ -0,0 +1,22 @@
+class SessionsController < ApplicationController
+  skip_before_action :require_login, except: [:destroy]
+
+  def new
+  end
+
+  def create
+    if login(params[:email], params[:password])
+      flash[:success] = 'Welcome back!'
+      redirect_back_or_to root_path
+    else
+      flash.now[:warning] = 'E-mail and/or password is incorrect.'
+      render 'new'
+    end
+  end
+
+  def destroy
+    logout
+    flash[:success] = 'See you!'
+    redirect_to sign_in_path
+  end
+end

src/app/controllers/static_pages_controller.rb

@@ -1,4 +1,6 @@
 class StaticPagesController < ApplicationController
+  skip_before_action :require_login
+
   def home
   end
 end

src/app/controllers/users_controller.rb

@@ -0,0 +1,24 @@
+class UsersController < ApplicationController
+  skip_before_action :require_login, only: [:new, :create]
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      login(params[:user][:email], params[:user][:password])
+      flash[:success] = 'Welcome!'
+      redirect_to root_path
+    else
+      render 'new'
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:email, :password, :password_confirmation, :username)
+  end
+end

src/app/helpers/dashboard_helper.rb

@@ -0,0 +1,2 @@
+module DashboardHelper
+end

src/app/helpers/sessions_helper.rb

@@ -0,0 +1,2 @@
+module SessionsHelper
+end

src/app/helpers/users_helper.rb

@@ -0,0 +1,2 @@
+module UsersHelper
+end

src/app/models/user.rb

@@ -0,0 +1,8 @@
+class User < ApplicationRecord
+  authenticates_with_sorcery!
+
+  validates :password, length: { minimum: 3 }
+  validates :password, confirmation: true
+  validates :email, uniqueness: true
+  validates :email, uniqueness: true, email_format: { message: 'has invalid format' } 
+end

src/app/views/dashboard/index.html.erb

@@ -0,0 +1,3 @@
+<h1>Dashboard!</h1>
+
+<p>Restricted area for authorized users only.</p>

src/app/views/layouts/_guest_navigation.html.erb

@@ -1,5 +1,5 @@
 <ul class="nav navbar-nav"></ul>
 <ul class="nav navbar-nav navbar-right">
-  <li><%= link_to 'Sign In', '#' %></li>
-  <li><%= link_to 'Sign Up', '#' %></li>
+  <li><%= link_to 'Sign In', sign_in_path %></li>
+  <li><%= link_to 'Sign Up', sign_up_path %></li>
 </ul>

src/app/views/layouts/_header.html.erb

@@ -13,7 +13,7 @@
         <% end %>
       </div>
       <div id="navbar" class="navbar-collapse collapse">
-        <% if false %> <!-- TODO: replace false with current_user -->
+        <% if current_user != nil %>
           <%= render 'layouts/navigation' %>
         <% else %>
           <%= render 'layouts/guest_navigation' %>

src/app/views/layouts/_navigation.html.erb

@@ -4,14 +4,14 @@
 </ul>
 <ul class="nav navbar-nav navbar-right">
   <li class="dropdown">
-    <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Username
+    <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><%= current_user.username %>
       <span class="caret"></span>
     </a>
     <ul class="dropdown-menu">
       <li><%= link_to 'Your Profile', '#' %></li>
       <li><%= link_to 'Your Grades', '#' %></li>
       <li role="separator" class="divider"></li>
-      <li><%= link_to 'Log Out', '#' %></li>
+      <li><%= link_to 'Log Out', sign_out_path, method: :delete %></li>
     </ul>
   </li>
 </ul>

src/app/views/layouts/application.html.erb

@@ -12,14 +12,23 @@
   </head>
   <body>
     <%= render 'layouts/header' %>
-    
+
     <!-- Begin page content -->
     <div class="container">
+      <% flash.each do |key, value| %>
+      <div class="alert alert-<%= key %> alert-dismissible" role="alert">
+        <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+        <%= value %>
+      </div>
+      <% end %>
+
       <%= yield %>
-      
+
       <%= render 'layouts/footer' %>
     </div>
-    
+
     <%= javascript_include_tag 'application', 'data-turbolinks-track': 'reload' %>
   </body>
-</html>
+</html>

src/app/views/sessions/new.html.erb

@@ -0,0 +1,14 @@
+<h1>Log In</h1>
+<%= form_tag sessions_path, method: :post do %>
+  <div class="form-group">
+    <%= label_tag :email %>
+    <%= email_field_tag :email, nil, class: 'form-control', required: true %>
+  </div>
+
+  <div class="form-group">
+    <%= label_tag :password %>
+    <%= password_field_tag :password, nil, class: 'form-control', required: true %>
+  </div>
+
+  <%= submit_tag 'Log In', class: 'btn btn-primary btn-lg' %>
+<% end %>

src/app/views/users/new.html.erb

@@ -0,0 +1,22 @@
+<h1>Registration</h1>
+
+<%= form_for @user do |f| %>
+  <div class="form-group">
+    <%= f.label :username %>
+    <%= f.text_field :username, class: 'form-control', required: true %>
+  </div>
+
+  <div class="form-group">
+    <%= f.label :email %>
+    <%= f.email_field :email, class: 'form-control', required: true %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password %>
+    <%= f.password_field :password, class: 'form-control', required: true %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password_confirmation %>
+    <%= f.password_field :password_confirmation, class: 'form-control', required: true %>
+  </div>
+  <%= f.submit 'Register', class: 'btn btn-primary btn-lg' %>
+<% end %>