Added the beginnings of a login/registration system

refs #7 The first thing is to add a userid column to the database. Yeah, forgot that. Sort of necessary for users We also added were some utility functions to the Application Controller. These allow us to check to see if someone is logged in, and if not, redirect to the login url. We also added a login route to the routes. In the users controller, add login and logout actions. Only login is implemented, which redirects to CAS for the login. Also, this commit fixes up the functional tests for the users controller which were previously broken.
jeremyroman · May 19, 2010 · b6a9caf · b6a9caf
1 parent 2251995
commit b6a9caf
Show file tree

Hide file tree

Showing 6 changed files with 98 additions and 2 deletions.
diff --git a/ticketing/app/controllers/application_controller.rb b/ticketing/app/controllers/application_controller.rb
@@ -12,4 +12,37 @@ class ApplicationController < ActionController::Base
   # Uncomment this to filter the contents of submitted sensitive data parameters
   # from your application log (in this case, all fields with names like "password"). 
   # filter_parameter_logging :password
+
+  def store_location
+    session[:return_to] = request.request_uri
+  end
+
+  def redirect_back_or_default(default)
+    redirect_to session[:return_to] || default
+    session[:return_to] = nil
+  end
+
+  def current_user
+    @current_user ||=
+      if session[:userid]
+        User.find_by_userid(session[:userid])
+      end
+  end
+
+  def logged_in?
+    !!current_user
+  end
+
+  def login_required
+    logged_in? || access_denied
+  end
+
+  def access_denied
+    store_location
+    if session[:userid]
+      redirect_to :new_user
+    else
+      redirect_to :login
+    end
+  end
 end
diff --git a/ticketing/app/controllers/users_controller.rb b/ticketing/app/controllers/users_controller.rb
@@ -82,4 +82,22 @@ def destroy
       format.xml  { head :ok }
     end
   end
+
+  def login
+    unless session[:cas_user]
+      CASClient::Frameworks::Rails::Filter.filter(self)
+    else
+      session[:userid] = session[:cas_user]
+
+      if logged_in?
+        redirect_back_or_default(:root)
+      else
+        login_required
+      end
+    end
+  end
+
+  def logout
+  end
+
 end
diff --git a/ticketing/config/routes.rb b/ticketing/config/routes.rb
@@ -33,10 +33,12 @@
   #   end
 
   # You can have the root of your site routed with map.root -- just remember to delete public/index.html.
-  # map.root :controller => "welcome"
+  map.root :controller => :users
 
   # See how all your routes lay out with "rake routes"
 
+  map.login '/login', :controller => :users, :action => :login
+
   # Install the default routes as the lowest priority.
   # Note: These default routes make all actions in every controller accessible via GET requests. You should
   # consider removing the them or commenting them out if you're using named routes and resources.

diff --git a/ticketing/db/migrate/20100518195031_add_userid_to_user.rb b/ticketing/db/migrate/20100518195031_add_userid_to_user.rb
@@ -0,0 +1,9 @@
+class AddUseridToUser < ActiveRecord::Migration
+  def self.up
+    add_column :users, :userid, :string
+  end
+
+  def self.down
+    remove_column :users, :userid
+  end
+end
diff --git a/ticketing/test/fixtures/users.yml b/ticketing/test/fixtures/users.yml
@@ -5,3 +5,16 @@ tester:
   last_name: Tester
   email: [email protected]
   student_number_hash: 7e071fd9b023ed8f18458a73613a0834f6220bd5cc50357ba3493c6040a9ea8c
+  userid: test
+one:
+  first_name: One
+  last_name: Onesie
+  email: [email protected]
+  student_number_hash: 7e071fd9b023ed8f18458a73613a0834f6220bd5cc50357ba3493c6040a9ea8c
+  userid: one
+two:
+  first_name: Two
+  last_name: Twofer
+  email: [email protected]
+  student_number_hash: 7e071fd9b023ed8f18458a73613a0834f6220bd5cc50357ba3493c6040a9ea8c
+  userid: two
diff --git a/ticketing/test/functional/users_controller_test.rb b/ticketing/test/functional/users_controller_test.rb
@@ -14,7 +14,13 @@ class UsersControllerTest < ActionController::TestCase
 
   test "should create user" do
     assert_difference('User.count') do
-      post :create, :user => { }
+      post :create, :user => {
+        :first_name => 'Test',
+        :last_name => 'Tester',
+        :student_number => '00000000',
+        :student_number_confirmation => '00000000',
+        :email => '[email protected]'
+      }
     end
 
     assert_redirected_to user_path(assigns(:user))
@@ -42,4 +48,19 @@ class UsersControllerTest < ActionController::TestCase
 
     assert_redirected_to users_path
   end
+
+  test "login should redirect to CAS if not logged in" do
+    get :login
+    assert_redirected_to 'https://cas.uwaterloo.ca/cas/login?service=http%3A%2F%2Ftest.host%2Flogin'
+  end
+
+  test "login should redirect to root if logged in" do
+    get :login, nil, {:cas_user => "test"}
+    assert_redirected_to "http://test.host/"
+  end
+
+  test "login should redirect to create user if non-existant user" do
+    get :login, nil, {:cas_user => "nonexistantuser"}
+    assert_redirected_to :new_user
+  end
 end