Merging finished authentication branch into develop. Features full user name and password sign up, sign in authentication and requires users to be signed in to perform higher order actions such as deletion or editing of tags, articles, comments and authors.

Author: Rhelli

Gemfile

@@ -6,6 +6,9 @@ ruby '2.6.5'
 # Paperclip as per TOP specifications
 gem 'paperclip'
 
+# Sorcery for simple  authentication
+gem 'sorcery'
+
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 5.2.3'
 # Use sqlite3 as the database for Active Record

Gemfile.lock

@@ -47,6 +47,7 @@ GEM
     archive-zip (0.12.0)
       io-like (~> 0.3.0)
     arel (9.0.0)
+    bcrypt (3.1.13)
     bindex (0.8.1)
     bootsnap (1.4.5)
       msgpack (~> 1.0)
@@ -76,6 +77,8 @@ GEM
     crass (1.0.6)
     erubi (1.9.0)
     execjs (2.7.0)
+    faraday (1.0.0)
+      multipart-post (>= 1.2, < 3)
     ffi (1.12.2)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
@@ -84,6 +87,7 @@ GEM
     io-like (0.3.0)
     jbuilder (2.9.1)
       activesupport (>= 4.2.0)
+    jwt (2.2.1)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -104,9 +108,19 @@ GEM
     mini_portile2 (2.4.0)
     minitest (5.14.0)
     msgpack (1.3.3)
+    multi_json (1.14.1)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
     nio4r (2.5.2)
     nokogiri (1.10.7)
       mini_portile2 (~> 2.4.0)
+    oauth (0.5.4)
+    oauth2 (1.4.3)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
     paperclip (6.1.0)
       activemodel (>= 4.2.0)
       activesupport (>= 4.2.0)
@@ -163,6 +177,10 @@ GEM
     selenium-webdriver (3.142.7)
       childprocess (>= 0.5, < 4.0)
       rubyzip (>= 1.2.2)
+    sorcery (0.14.0)
+      bcrypt (~> 3.1)
+      oauth (~> 0.4, >= 0.4.4)
+      oauth2 (~> 1.0, >= 0.8.0)
     spring (2.1.0)
     spring-watcher-listen (2.0.1)
       listen (>= 2.7, < 4.0)
@@ -214,6 +232,7 @@ DEPENDENCIES
   rails (~> 5.2.3)
   sass-rails (~> 5.0)
   selenium-webdriver
+  sorcery
   spring
   spring-watcher-listen (~> 2.0.0)
   sqlite3

app/assets/javascripts/author_sessions.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/stylesheets/author_sessions.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the AuthorSessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/styles.css.scss

@@ -19,6 +19,7 @@ a {
 
 img {
   border-radius: 4px;
+  max-width: 100%;
 }
 
 .clear {
@@ -28,7 +29,7 @@ img {
 }
 
 #container {
-  width: 75%;
+  width: auto;
   margin: 0 auto;
   background: #f0f0f0;
   padding: 20px 40px;

app/controllers/articles_controller.rb

@@ -1,7 +1,8 @@
 class ArticlesController < ApplicationController
-  
   include ArticlesHelper
 
+  before_action :require_login, except: [:index, :show]
+
   def index
     @articles = Article.all
   end

app/controllers/author_sessions_controller.rb

@@ -0,0 +1,18 @@
+class AuthorSessionsController < ApplicationController
+  def new
+  end
+
+  def create
+    if login(params[:email], params[:password])
+      redirect_back_or_to(articles_path, notice: 'Logged in successfully.')
+    else
+      flash.now.alert = 'Login failed. Please try again.'
+      render action: :new
+    end
+  end
+
+  def destroy
+    logout
+    redirect_to(:authors, notice: 'Logged Out!')
+  end
+end

app/controllers/authors_controller.rb

@@ -0,0 +1,83 @@
+class AuthorsController < ApplicationController
+  before_action :set_author, only: [:show, :edit, :update, :destroy]
+  before_action :zero_authors_or_authenticated, only: [:new, :create]
+  before_action :require_login, except: [:new, :create]
+
+  def zero_authors_or_authenticated
+    unless Author.count == 0 || current_user
+      redirect_to root_path
+      return false
+    end
+  end
+
+  # GET /authors
+  # GET /authors.json
+  def index
+    @authors = Author.all
+  end
+
+  # GET /authors/1
+  # GET /authors/1.json
+  def show
+  end
+
+  # GET /authors/new
+  def new
+    @author = Author.new
+  end
+
+  # GET /authors/1/edit
+  def edit
+  end
+
+  # POST /authors
+  # POST /authors.json
+  def create
+    @author = Author.new(author_params)
+
+    respond_to do |format|
+      if @author.save
+        format.html { redirect_to @author, notice: 'Author was successfully created.' }
+        format.json { render :show, status: :created, location: @author }
+      else
+        format.html { render :new }
+        format.json { render json: @author.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /authors/1
+  # PATCH/PUT /authors/1.json
+  def update
+    respond_to do |format|
+      if @author.update(author_params)
+        format.html { redirect_to @author, notice: 'Author was successfully updated.' }
+        format.json { render :show, status: :ok, location: @author }
+      else
+        format.html { render :edit }
+        format.json { render json: @author.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /authors/1
+  # DELETE /authors/1.json
+  def destroy
+    @author.destroy
+    respond_to do |format|
+      format.html { redirect_to authors_url, notice: 'Author was successfully destroyed.' }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_author
+      @author = Author.find(params[:id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def author_params
+      params.require(:author).permit(:username, :email, :password, :password_confirmation)
+    end
+end

app/controllers/comments_controller.rb

@@ -1,4 +1,6 @@
 class CommentsController < ApplicationController
+  before_action :require_login, except: [:create]
+
   def create
     @comment = Comment.new(comment_params)
     @comment.article_id = params[:article_id]

app/controllers/tags_controller.rb

@@ -1,9 +1,18 @@
 class TagsController < ApplicationController
+  before_action :require_login, only: [:destroy]
+
   def index
     @tags = Tag.all
   end
 
   def show
     @tag = Tag.find(params[:id])
   end
+
+  def destroy
+    @tag = Tag.find(params[:id])
+    @tag.destroy
+    flash.notice = "The '#{@tag.name}' tag has been deleted."
+    redirect_to tags_path
+  end
 end