fugafugaにrestful_authenticationをセットアップ。(1)
月並みに。
$ script/generate authenticated user sessions --aasm --rspec
AASMとRSpecに対応させて頂きました。
んで、config/routes.rbに追記。
# Named route `activate`: /activate/<code> is dispatched to the `activate`
# action of the `users` controller. :activation_code defaults to nil, so the
# action has to cope with a request that carries no code at all.
map.activate(
  '/activate/:activation_code',
  :controller      => 'users',
  :action          => 'activate',
  :activation_code => nil
)
んで、config/environment.rbに追記。
+ config.active_record.observers = :user_observera
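Review bot: `:user_observera` on the added line looks like a typo for `:user_observer`; with the trailing `a`, Rails would look for an observer class that the generator presumably did not create. The line should read `config.active_record.observers = :user_observer`. If the activation mail is sent from the observer, check this name before testing sign-up, because a wrong observer name means the activation step cannot work as intended.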
でも、これって、別段、「絶対に必要」って訳じゃないんだよねぇ...
AASMでステート管理してるなら、そっちでメールの送信とかさせてもイイんだよな...
んで、認証を、loginではなく、emailでさせるように改造(loginは削除)。
おおっと、その前に検索用。
「Ruby on Railsのプラグイン、restful_authenticationで、メールアドレスでログインする」。
# app/controllers/sessions_controller.rb
 def create
 logout_keeping_session!
- user = User.authenticate(params[:login], params[:password])
+ user = User.authenticate(params[:email], params[:password])
 if user
 # Protects against session fixation attacks, causes request forgery
 # protection if user resubmits an earlier form using back
 # protection if user resubmits an earlier form using back
 # button. Uncomment if you understand the tradeoffs.
 # reset_session
 self.current_user = user
 new_cookie_flag = (params[:remember_me] == "1")
 handle_remember_cookie! new_cookie_flag
 redirect_back_or_default('/')
 flash[:notice] = "Logged in successfully"
 else
 note_failed_signin
- @login = params[:login]
+ @email = params[:email]
 @remember_me = params[:remember_me]
 render :action => 'new'
 end
 end
(略)
 protected
 # Track failed login attempts
 def note_failed_signin
- flash[:error] = "Couldn't log you in as '#{params[:login]}'"
- logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
+ flash[:error] = "Couldn't log you in as '#{params[:email]}'"
+ logger.warn "Failed login for '#{params[:email]}' from #{request.remote_ip} at #{Time.now.utc}"
 end
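Review bot: The two added lines in note_failed_signin interpolate the raw `params[:email]` into `flash[:error]` and into the log entry. Rails of this generation does not HTML-escape template output by default, so the layout that prints the flash (not shown here) needs `<%=h flash[:error] %>`; and because the value can contain line breaks, the log line is safer as `logger.warn "Failed login for #{params[:email].to_s.inspect} from #{request.remote_ip} at #{Time.now.utc}"`. Separately, `reset_session` in create is still commented out on the new side, so the session id is kept across login, which is the fixation risk the surrounding comment describes.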
# app/helpers/users_helper.rb
 def link_to_user(user, options={})
 raise "Invalid user" unless user
- options.reverse_merge! :content_method => :login, :title_method => :login, :class => :nickname
+ options.reverse_merge! :content_method => :email, :title_method => :email, :class => :nickname
 content_text = options.delete(:content_text)
 content_text ||= user.send(options.delete(:content_method))
 options[:title] ||= user.send(options.delete(:title_method))
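Review bot: Changing the defaults to `:email` makes every `link_to_user` call print the user's e-mail address as link text and `title` attribute, so any page that lists or links users discloses the login identifier to whoever can view it. The model keeps a `name` attribute, so the display default could be `options.reverse_merge! :content_method => :name, :title_method => :name, :class => :nickname`, with `:content_method => :email` passed explicitly only where the viewer is the account owner (as the user bar does). The rest of `link_to_user` lies outside the hunk, so whether `content_text` is escaped before output cannot be checked here.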
# app/models/user.rb
(略)
- validates_presence_of :login
- validates_length_of :login, :within => 3..40
- validates_uniqueness_of :login
- validates_format_of :login, :with => Authentication.login_regex, :message => Authentication.bad_login_message
(略)
- attr_accessible :login, :email, :name, :password, :password_confirmation
+ attr_accessible :email, :name, :password, :password_confirmation
(略)
- def self.authenticate(login, password)
- return nil if login.blank? || password.blank?
- u = find_in_state :first, :active, :conditions => {:login => login.downcase} # need to get the salt
+ def self.authenticate(email, password)
+ return nil if email.blank? || password.blank?
+ u = find_in_state :first, :active, :conditions => {:email => email.downcase} # need to get the salt
 u && u.authenticated?(password) ? u : nil
 end
(略)
- def login=(value)
- write_attribute :login, (value ? value.downcase : nil)
- end
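Review bot: `authenticate` looks the user up by `email.downcase`, but this hunk deletes the `login=` setter that lowercased the stored key and shows no equivalent for `email` (it may sit in one of the omitted parts). If addresses are saved as typed, a mixed-case address may not match at login on a case-sensitive database, and the unique index on `:email` in db/migrate would accept `A@example.com` and `a@example.com` as two accounts. Keeping `def email=(value); write_attribute :email, (value ? value.downcase : nil); end` makes storage, lookup and index agree. `params[:email]` can also arrive as a hash or array, so `email.to_s.downcase` avoids an exception on malformed input.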
# app/views/sessions/new.html.erb
 <% form_tag session_path do -%>
-<p><%= label_tag 'login' %><br />
-<%= text_field_tag 'login', @login %></p>
+<p><%= label_tag 'email' %><br />
+<%= text_field_tag 'email', @email %></p>
 <p><%= label_tag 'password' %><br/>
 <%= password_field_tag 'password', nil %></p>
# app/views/user_mailer/signup_notification.erb
- Username: <%=h @user.login %>
+ Username: <%=h @user.email %>
# app/views/user_mailer/activation.erb
-<%=h @user.login %>, your account has been activated. Welcome aboard!
+<%=h @user.email %>, your account has been activated. Welcome aboard!
# app/views/users/new.html.erb
-<p><%= label_tag 'login' %><br/>
-<%= f.text_field :login %></p>
+<p><%= label_tag 'name' %><br/>
+<%= f.text_field :name %></p>
# app/views/users/_user_bar.html.erb
- <div id="user-bar-greeting">Logged in as <%= link_to_current_user :content_method => :login %></div>
+ <div id="user-bar-greeting">Logged in as <%= link_to_current_user :content_method => :email %></div>
# これもやっつけ。
# db/migrate/20090223092847_create_users.rb
- t.column :login, :string, :limit => 40
(略)
- add_index :users, :login, :unique => true
+ add_index :users, :email, :unique => true
おk?