Description:
more work on registration git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@296 6386c4cd-e34a-4fa8-8920-d93eb39b512e

r157:1ed23f0780ca - - 6 files changed: 102 inserted, 4 deleted

@@ -0,0 +1,29
1 + %h1 New user registration
2 +
3 + = error_messages_for :user, :header_message => 'Errors occured during registration'
4 +
5 + %table
6 + - form_for :user, @user, :url => { :action => 'register' } do |f|
7 + %tr
8 + %td Login:
9 + %td= f.text_field :login
10 + %tr
11 + %td
12 + %td
13 + %small Only a-z, A-Z, 0-9 and _
14 + %tr
15 + %td Full name:
16 + %td= f.text_field :full_name
17 + %tr
18 + %td E-mail:
19 + %td= f.text_field :email
20 + %tr
21 + %td
22 + %td
23 + %small
24 + Please make sure that your e-mail is correct.
25 + %br/
26 + You'll need to verify your account by email.
27 + %tr
28 + %td{:colspan => 2}= submit_tag "Register"
29 +
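Review bot: The login hint on line 13 tells users that `A-Z` is accepted, but the `validates_format_of :login` rule added to the User model in this same commit is `/^[\_a-z0-9]+$/` with no `i` flag, and it is paired with a 3..10 length limit that the page never mentions. A user following the hint gets a validation error they cannot explain. Either change the hint to `%small Only a-z, 0-9 and _ (3 to 10 characters)` or make the model pattern case-insensitive, whichever the site intends. The `:header_message` string on line 3 also misspells "occurred".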
@@ -0,0 +1,11
1 + %h1 Registration successful
2 +
3 + We have sent a confimation message to your e-mail.
4 + %br/
5 + Please check at
6 + = "#{@user.email}."
7 + %br/
8 + %br/
9 +
10 + Go back to
11 + = link_to 'login page.', :controller => 'main', :action => 'login'
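Review bot: Line 6 interpolates `@user.email` into the page as a plain string, and the e-mail pattern added to the User model in this commit only excludes `@` and whitespace from the local part, so markup characters pass validation. Unless Haml's HTML escaping is enabled for this application (not visible here), escape the value at output: `= "#{h(@user.email)}."`. Line 3 also misspells "confirmation".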
@@ -1,12 +1,14
1 + require 'pony'
2 +
1 class UsersController < ApplicationController
3 class UsersController < ApplicationController
2
4
3 before_filter :authenticate, :except => [:new, :register]
5 before_filter :authenticate, :except => [:new, :register]
4
6
5 verify :method => :post, :only => [:chg_passwd],
7 verify :method => :post, :only => [:chg_passwd],
6 :redirect_to => { :action => :index }
8 :redirect_to => { :action => :index }
7
9
8 in_place_edit_for :user, :alias_for_editing
10 in_place_edit_for :user, :alias_for_editing
9 in_place_edit_for :user, :email_for_editing
11 in_place_edit_for :user, :email_for_editing
10
12
11 def index
13 def index
12 if !Configuration['system.user_setting_enabled']
14 if !Configuration['system.user_setting_enabled']
@@ -19,13 +21,36
19 def chg_passwd
21 def chg_passwd
20 user = User.find(session[:user_id])
22 user = User.find(session[:user_id])
21 user.password = params[:passwd]
23 user.password = params[:passwd]
22 user.password_confirmation = params[:passwd_verify]
24 user.password_confirmation = params[:passwd_verify]
23 if user.save
25 if user.save
24 flash[:notice] = 'password changed'
26 flash[:notice] = 'password changed'
25 else
27 else
26 flash[:notice] = 'Error: password changing failed'
28 flash[:notice] = 'Error: password changing failed'
27 end
29 end
28 redirect_to :action => 'index'
30 redirect_to :action => 'index'
29 end
31 end
30
32
33 + def new
34 + @user = User.new
35 + render :action => 'new', :layout => 'empty'
31 end
36 end
37 +
38 + def register
39 + @user = User.new(params[:user])
40 + @user.password_confirmation = @user.password = User.random_password
41 + @user.activated = false
42 + if (@user.valid?) and (@user.save)
43 + send_confirmation_email(@user)
44 + render :action => 'new_splash', :layout => 'empty'
45 + else
46 + @user.errors.add_to_base("Email cannot be blank") if @user.email==''
47 + render :action => 'new', :layout => 'empty'
48 + end
49 + end
50 +
51 + protected
52 +
53 + def send_confirmation_email(user)
54 + end
55 +
56 + end
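Review bot: `register` (lines 38-49) creates accounts without checking `Configuration['system.online_registration']`; the login view in this commit hides the link when that setting is off, but in the lines shown `new` and `register` are both exempted from `authenticate` and stay reachable by URL. Add a filter for those two actions that redirects when the setting is false, e.g. `before_filter :check_online_registration, :only => [:new, :register]` backed by a new protected method of that name, and add `:register` to the existing `verify :method => :post` list so the account-creating action is POST-only. Separately, `User.new(params[:user])` mass-assigns every submitted attribute from an unauthenticated form; if the model declares no `attr_accessible` or `attr_protected` (not visible in this diff), restrict the assignment to `login`, `full_name` and `email`. `send_confirmation_email` is still an empty stub, so the splash page's statement that a message was sent is not yet true.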
@@ -10,32 +10,42
10 :class_name => "Message",
10 :class_name => "Message",
11 :foreign_key => "sender_id",
11 :foreign_key => "sender_id",
12 :order => 'created_at DESC'
12 :order => 'created_at DESC'
13
13
14 has_many :replied_messages,
14 has_many :replied_messages,
15 :class_name => "Message",
15 :class_name => "Message",
16 :foreign_key => "receiver_id",
16 :foreign_key => "receiver_id",
17 :order => 'created_at DESC'
17 :order => 'created_at DESC'
18
18
19 belongs_to :site
19 belongs_to :site
20 belongs_to :country
20 belongs_to :country
21
21
22 + named_scope :activated, :conditions => {:activated => true}
23 +
22 validates_presence_of :login
24 validates_presence_of :login
25 + validates_uniqueness_of :login
26 + validates_format_of :login, :with => /^[\_a-z0-9]+$/
27 + validates_length_of :login, :within => 3..10
28 +
23 validates_presence_of :full_name
29 validates_presence_of :full_name
24 validates_length_of :full_name, :minimum => 1
30 validates_length_of :full_name, :minimum => 1
25
31
26 validates_presence_of :password, :if => :password_required?
32 validates_presence_of :password, :if => :password_required?
27 validates_length_of :password, :within => 4..20, :if => :password_required?
33 validates_length_of :password, :within => 4..20, :if => :password_required?
28 validates_confirmation_of :password, :if => :password_required?
34 validates_confirmation_of :password, :if => :password_required?
29
35
36 + validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i, :allow_blank => true
37 +
38 + validate :uniqueness_of_email_from_activated_users
39 +
30 attr_accessor :password
40 attr_accessor :password
31
41
32 before_save :encrypt_new_password
42 before_save :encrypt_new_password
33
43
34 def self.authenticate(login, password)
44 def self.authenticate(login, password)
35 user = find_by_login(login)
45 user = find_by_login(login)
36 return user if user && user.authenticated?(password)
46 return user if user && user.authenticated?(password)
37 end
47 end
38
48
39 def authenticated?(password)
49 def authenticated?(password)
40 if self.activated
50 if self.activated
41 hashed_password == User.encrypt(password,self.salt)
51 hashed_password == User.encrypt(password,self.salt)
@@ -75,27 +85,40
75 def alias_for_editing=(e)
85 def alias_for_editing=(e)
76 self.alias=e
86 self.alias=e
77 end
87 end
78
88
79 def activation_key
89 def activation_key
80 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
90 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
81 end
91 end
82
92
83 def verify_activation_key(key)
93 def verify_activation_key(key)
84 key == activation_key
94 key == activation_key
85 end
95 end
86
96
97 + def self.random_password(length=5)
98 + chars = 'abcdefghjkmnopqrstuvwxyz'
99 + password = ''
100 + length.times { password << chars[rand(chars.length - 1)] }
101 + password
102 + end
103 +
87 protected
104 protected
88 def encrypt_new_password
105 def encrypt_new_password
89 return if password.blank?
106 return if password.blank?
90 self.salt = (10+rand(90)).to_s
107 self.salt = (10+rand(90)).to_s
91 self.hashed_password = User.encrypt(self.password,self.salt)
108 self.hashed_password = User.encrypt(self.password,self.salt)
92 end
109 end
93
110
94 def password_required?
111 def password_required?
95 self.hashed_password.blank? || !self.password.blank?
112 self.hashed_password.blank? || !self.password.blank?
96 end
113 end
97
114
98 def self.encrypt(string,salt)
115 def self.encrypt(string,salt)
99 Digest::SHA1.hexdigest(salt + string)
116 Digest::SHA1.hexdigest(salt + string)
100 end
117 end
118 +
119 + def uniqueness_of_email_from_activated_users
120 + if User.activated.find_by_email(self.email)!=nil
121 + self.errors.add_to_base("Email has already been taken")
101 end
122 end
123 + end
124 + end
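Review bot: `random_password` (lines 97-102) produces the account's initial credential from `Kernel#rand`, which is not a cryptographically secure generator, and `rand(chars.length - 1)` can never return the last index, so `z` is never used. With the default length of 5 that leaves 23^5 (about 6.4 million) possible passwords, which is small for a value `register` assigns to every new account. Draw the indices from `SecureRandom` where the Ruby version provides it and lengthen the default, e.g. `def self.random_password(length=10)` with `length.times { password << chars[SecureRandom.random_number(chars.length)] }`. In the first hunk, the login pattern `/^[\_a-z0-9]+$/` anchors per line rather than on the whole string, so `\A` and `\z` are the anchors to use for validation. `uniqueness_of_email_from_activated_users` (lines 119-123) also matches the record being saved, so an activated user with an e-mail fails validation on any later save such as `chg_passwd`; exclude the record's own `id` from the lookup.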
@@ -21,25 +21,25
21 - form_tag :controller => 'login', :action => 'login' do
21 - form_tag :controller => 'login', :action => 'login' do
22 %table
22 %table
23 %tr
23 %tr
24 %td{:align => "right"} Login:
24 %td{:align => "right"} Login:
25 %td= text_field_tag 'login'
25 %td= text_field_tag 'login'
26 %tr
26 %tr
27 %td{:align => "right"} Password:
27 %td{:align => "right"} Password:
28 %td= password_field_tag
28 %td= password_field_tag
29 = submit_tag 'Login'
29 = submit_tag 'Login'
30
30
31 %br/
31 %br/
32
32
33 - -# if Configuration['system.online_registration']
33 + - if Configuration['system.online_registration']
34 Want to participate?
34 Want to participate?
35 %b
35 %b
36 Please
36 Please
37 = link_to 'register.', :controller => :users, :action => :new
37 = link_to 'register.', :controller => :users, :action => :new
38 %br/
38 %br/
39
39
40 - if (Configuration['system.mode']=='contest') and (Configuration['contest.multisites'])
40 - if (Configuration['system.mode']=='contest') and (Configuration['contest.multisites'])
41 %script{:type => 'text/javascript'}
41 %script{:type => 'text/javascript'}
42 var siteList = new Array();
42 var siteList = new Array();
43 - @countries.each do |country|
43 - @countries.each do |country|
44 = "siteList[#{country.id}] = new Array();"
44 = "siteList[#{country.id}] = new Array();"
45 - country.sites.each do |site|
45 - country.sites.each do |site|
@@ -1,35 +1,35
1
1
2 require File.dirname(__FILE__) + '/../spec_helper'
2 require File.dirname(__FILE__) + '/../spec_helper'
3
3
4 describe User do
4 describe User do
5
5
6 before(:each) do
6 before(:each) do
7 @password = "hello"
7 @password = "hello"
8 @salt = "123"
8 @salt = "123"
9 @john = stub_model(User, :salt => @salt,
9 @john = stub_model(User, :salt => @salt,
10 :hashed_password => User.encrypt(@password,@salt))
10 :hashed_password => User.encrypt(@password,@salt))
11 end
11 end
12
12
13 - it "should authenticate activated user" do
13 + it "should be authenticated if activated" do
14 @john.should_receive(:activated).and_return(true)
14 @john.should_receive(:activated).and_return(true)
15 @john.authenticated?(@password).should == true
15 @john.authenticated?(@password).should == true
16 end
16 end
17
17
18 - it "should not authenticate inactivated user" do
18 + it "should not be authenticated if inactivated" do
19 @john.should_receive(:activated).and_return(false)
19 @john.should_receive(:activated).and_return(false)
20 @john.authenticated?(@password).should == false
20 @john.authenticated?(@password).should == false
21 end
21 end
22
22
23 - it "should not authenticate user with incorrect password" do
23 + it "should not be authenticated if incorrect password is provided" do
24 @john.should_receive(:activated).and_return(true)
24 @john.should_receive(:activated).and_return(true)
25 @john.should_receive(:hashed_password).and_return("byebye")
25 @john.should_receive(:hashed_password).and_return("byebye")
26 @john.authenticated?(@password).should == false
26 @john.authenticated?(@password).should == false
27 end
27 end
28
28
29 end
29 end
30
30
31 describe User, "during registration" do
31 describe User, "during registration" do
32
32
33 class User
33 class User
34 public :encrypt_new_password
34 public :encrypt_new_password
35 end
35 end
@@ -40,14 +40,24
40 end
40 end
41
41
42 it "should produce and accept activation key" do
42 it "should produce and accept activation key" do
43 activation_key = @john.activation_key
43 activation_key = @john.activation_key
44
44
45 @john.verify_activation_key(activation_key).should == true
45 @john.verify_activation_key(activation_key).should == true
46 end
46 end
47
47
48 it "should not accept invalid activation key" do
48 it "should not accept invalid activation key" do
49 @john.verify_activation_key("12345").should == false
49 @john.verify_activation_key("12345").should == false
50 end
50 end
51
51
52 + end
53 +
54 + describe User, "as a class" do
55 +
56 + it "should be able to generate random password" do
57 + password1 = User.random_password
58 + password2 = User.random_password
59 +
60 + password1.should_not == password2
61 + end
52
62
53 end
63 end
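Review bot: The example on lines 56-61 only asserts that two generated passwords differ, so it would still pass for output of the wrong length or alphabet, and it can fail by chance when both calls return the same string. Pin the contract instead with `password1.length.should == 5` and `password1.should =~ /\A[a-z]+\z/`, and keep the inequality check only if a rare collision is acceptable in the test run.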