From 62071c50e01e3cded26936cecc710d53006b0213 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= Date: Mon, 12 Jun 2017 12:10:55 +0200 Subject: [PATCH 1/5] updates mail --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 9e76ebda4..800b14763 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -234,7 +234,7 @@ GEM railties (>= 3.2) loofah (2.0.3) nokogiri (>= 1.5.9) - mail (2.6.6.rc1) + mail (2.6.6) mime-types (>= 1.16, < 4) mime-types (3.1) mime-types-data (~> 3.2015) @@ -551,4 +551,4 @@ DEPENDENCIES whenever BUNDLED WITH - 1.15.0 + 1.15.1 From 3f11dbe1d56773987f382d67b13985bf7ac1fd88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= Date: Mon, 12 Jun 2017 17:26:38 +0200 Subject: [PATCH 2/5] allows login using username or email --- app/models/user.rb | 14 +++++++++++++- app/views/devise/sessions/new.html.erb | 2 +- config/locales/activerecord.en.yml | 1 + config/locales/activerecord.es.yml | 1 + config/locales/devise_views.en.yml | 2 +- config/locales/devise_views.es.yml | 2 +- spec/features/users_auth_spec.rb | 14 +++++++++++++- 7 files changed, 31 insertions(+), 5 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 7d696297e..c9aae0143 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -3,7 +3,8 @@ class User < ActiveRecord::Base include Verification devise :database_authenticatable, :registerable, :confirmable, :recoverable, :rememberable, - :trackable, :validatable, :omniauthable, :async, :password_expirable, :secure_validatable + :trackable, :validatable, :omniauthable, :async, :password_expirable, :secure_validatable, + authentication_keys: [:login] acts_as_voter acts_as_paranoid column: :hidden_at @@ -48,6 +49,7 @@ class User < ActiveRecord::Base attr_accessor :skip_password_validation attr_accessor :use_redeemable_code + attr_accessor :login scope :administrators, -> { joins(:administrators) } scope :moderators, -> { joins(:moderator) } @@ -286,6 +288,16 @@ class User < ActiveRecord::Base end delegate :can?, :cannot?, to: :ability + # overwritting of Devise method to allow login using email OR username + def self.find_for_database_authentication(warden_conditions) + conditions = warden_conditions.dup + if login = conditions.delete(:login) + where(conditions.to_hash).where(["lower(email) = ? OR username = ?", login.downcase, login]).first + elsif conditions.has_key?(:username) || conditions.has_key?(:email) + where(conditions.to_hash).first + end + end + private def clean_document_number diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb index 910135853..da8e74528 100644 --- a/app/views/devise/sessions/new.html.erb +++ b/app/views/devise/sessions/new.html.erb @@ -11,7 +11,7 @@ <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
- <%= f.email_field :email, autofocus: true, placeholder: t("devise_views.sessions.new.email_label") %> + <%= f.text_field :login, autofocus: true, placeholder: t("devise_views.sessions.new.login_label") %>
diff --git a/config/locales/activerecord.en.yml b/config/locales/activerecord.en.yml index c9fd00aab..d36a481ae 100644 --- a/config/locales/activerecord.en.yml +++ b/config/locales/activerecord.en.yml @@ -113,6 +113,7 @@ en: description: "Description" terms_of_service: "Terms of service" user: + login: "Email or username" email: "Email" username: "Username" password_confirmation: "Password confirmation" diff --git a/config/locales/activerecord.es.yml b/config/locales/activerecord.es.yml index 7b4fbebeb..f42577ef2 100644 --- a/config/locales/activerecord.es.yml +++ b/config/locales/activerecord.es.yml @@ -108,6 +108,7 @@ es: description: "Descripción" terms_of_service: "Términos de servicio" user: + login: Email o nombre de usuario email: "Correo electrónico" username: "Nombre de usuario" password_confirmation: "Confirmación de contraseña" diff --git a/config/locales/devise_views.en.yml b/config/locales/devise_views.en.yml index bcd1f1a77..4110fb60e 100755 --- a/config/locales/devise_views.en.yml +++ b/config/locales/devise_views.en.yml @@ -68,7 +68,7 @@ en: title: Forgotten password? sessions: new: - email_label: Email + login_label: Email or username password_label: Password remember_me: Remember me submit: Enter diff --git a/config/locales/devise_views.es.yml b/config/locales/devise_views.es.yml index be8aff97b..184454654 100644 --- a/config/locales/devise_views.es.yml +++ b/config/locales/devise_views.es.yml @@ -68,7 +68,7 @@ es: title: "¿Has olvidado tu contraseña?" sessions: new: - email_label: Email + login_label: Email o nombre de usuario password_label: Contraseña remember_me: Recordarme submit: Entrar diff --git a/spec/features/users_auth_spec.rb b/spec/features/users_auth_spec.rb index e978e7bd2..ce272684a 100644 --- a/spec/features/users_auth_spec.rb +++ b/spec/features/users_auth_spec.rb @@ -35,7 +35,19 @@ feature 'Users' do visit '/' click_link 'Sign in' - fill_in 'user_email', with: 'manuela@consul.dev' + fill_in 'user_login', with: 'manuela@consul.dev' + fill_in 'user_password', with: 'judgementday' + click_button 'Enter' + + expect(page).to have_content 'You have been signed in successfully.' + end + + scenario 'Sign in with username' do + create(:user, username: 'larry', email: 'manuela@consul.dev', password: 'judgementday') + + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'larry' fill_in 'user_password', with: 'judgementday' click_button 'Enter' From ed30051653976daa06d3fa21c75ea7f23e49c456 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= Date: Mon, 12 Jun 2017 18:54:39 +0200 Subject: [PATCH 3/5] avoids conflicts with users using email as username --- app/models/user.rb | 3 +- spec/features/users_auth_spec.rb | 117 ++++++++++++++++++++++--------- 2 files changed, 84 insertions(+), 36 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index c9aae0143..0eacd47bd 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -292,7 +292,8 @@ class User < ActiveRecord::Base def self.find_for_database_authentication(warden_conditions) conditions = warden_conditions.dup if login = conditions.delete(:login) - where(conditions.to_hash).where(["lower(email) = ? OR username = ?", login.downcase, login]).first + where(conditions.to_hash).where(["lower(email) = ?", login.downcase]).first || + where(conditions.to_hash).where(["username = ?", login]).first elsif conditions.has_key?(:username) || conditions.has_key?(:email) where(conditions.to_hash).first end diff --git a/spec/features/users_auth_spec.rb b/spec/features/users_auth_spec.rb index ce272684a..0e3d7b5e5 100644 --- a/spec/features/users_auth_spec.rb +++ b/spec/features/users_auth_spec.rb @@ -3,55 +3,102 @@ require 'rails_helper' feature 'Users' do context 'Regular authentication' do - scenario 'Sign up' do - visit '/' - click_link 'Register' + context 'Sign up' do - fill_in 'user_username', with: 'Manuela Carmena' - fill_in 'user_email', with: 'manuela@consul.dev' - fill_in 'user_password', with: 'judgementday' - fill_in 'user_password_confirmation', with: 'judgementday' - check 'user_terms_of_service' + scenario 'Success' do + visit '/' + click_link 'Register' - click_button 'Register' + fill_in 'user_username', with: 'Manuela Carmena' + fill_in 'user_email', with: 'manuela@consul.dev' + fill_in 'user_password', with: 'judgementday' + fill_in 'user_password_confirmation', with: 'judgementday' + check 'user_terms_of_service' - expect(page).to have_content "You have been sent a message containing a verification link. Please click on this link to activate your account." + click_button 'Register' - confirm_email + expect(page).to have_content "You have been sent a message containing a verification link. Please click on this link to activate your account." + + confirm_email + + expect(page).to have_content "Your account has been confirmed." + end + + scenario 'Errors on sign up' do + visit '/' + click_link 'Register' + click_button 'Register' + + expect(page).to have_content error_message + end - expect(page).to have_content "Your account has been confirmed." end - scenario 'Errors on sign up' do - visit '/' - click_link 'Register' - click_button 'Register' + context 'Sign in' do - expect(page).to have_content error_message - end + scenario 'sign in with email' do + create(:user, email: 'manuela@consul.dev', password: 'judgementday') - scenario 'Sign in' do - create(:user, email: 'manuela@consul.dev', password: 'judgementday') + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'manuela@consul.dev' + fill_in 'user_password', with: 'judgementday' + click_button 'Enter' - visit '/' - click_link 'Sign in' - fill_in 'user_login', with: 'manuela@consul.dev' - fill_in 'user_password', with: 'judgementday' - click_button 'Enter' + expect(page).to have_content 'You have been signed in successfully.' + end - expect(page).to have_content 'You have been signed in successfully.' - end + scenario 'Sign in with username' do + create(:user, username: '👻👽👾🤖', email: 'ash@nostromo.dev', password: 'xenomorph') - scenario 'Sign in with username' do - create(:user, username: 'larry', email: 'manuela@consul.dev', password: 'judgementday') + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: '👻👽👾🤖' + fill_in 'user_password', with: 'xenomorph' + click_button 'Enter' - visit '/' - click_link 'Sign in' - fill_in 'user_login', with: 'larry' - fill_in 'user_password', with: 'judgementday' - click_button 'Enter' + expect(page).to have_content 'You have been signed in successfully.' + end - expect(page).to have_content 'You have been signed in successfully.' + scenario 'Avoid username-email collisions' do + u1 = create(:user, username: 'Spidey', email: 'peter@nyc.dev', password: 'greatpower') + u2 = create(:user, username: 'peter@nyc.dev', email: 'venom@nyc.dev', password: 'symbiote') + + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'peter@nyc.dev' + fill_in 'user_password', with: 'greatpower' + click_button 'Enter' + + expect(page).to have_content 'You have been signed in successfully.' + + visit account_path + + expect(page).to have_link 'My activity', href: user_path(u1) + + visit '/' + click_link 'Sign out' + + expect(page).to have_content 'You have been signed out successfully.' + + click_link 'Sign in' + fill_in 'user_login', with: 'peter@nyc.dev' + fill_in 'user_password', with: 'symbiote' + click_button 'Enter' + + expect(page).to_not have_content 'You have been signed in successfully.' + expect(page).to have_content 'Invalid login or password.' + + fill_in 'user_login', with: 'venom@nyc.dev' + fill_in 'user_password', with: 'symbiote' + click_button 'Enter' + + expect(page).to have_content 'You have been signed in successfully.' + + visit account_path + + expect(page).to have_link 'My activity', href: user_path(u2) + end end end From c4ba6a7e940c43053e21adb48da1b576bf3c343e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= Date: Mon, 12 Jun 2017 19:48:57 +0200 Subject: [PATCH 4/5] updates specs --- spec/features/account_spec.rb | 2 +- spec/features/moderation/users_spec.rb | 4 ++-- spec/features/welcome_spec.rb | 2 +- spec/support/common_actions.rb | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/spec/features/account_spec.rb b/spec/features/account_spec.rb index ef24226f1..1ed0a4a01 100644 --- a/spec/features/account_spec.rb +++ b/spec/features/account_spec.rb @@ -138,6 +138,6 @@ feature 'Account' do login_through_form_as(@user) - expect(page).to have_content "Invalid email or password" + expect(page).to have_content "Invalid login or password" end end diff --git a/spec/features/moderation/users_spec.rb b/spec/features/moderation/users_spec.rb index 053d29590..e34b4383e 100644 --- a/spec/features/moderation/users_spec.rb +++ b/spec/features/moderation/users_spec.rb @@ -42,11 +42,11 @@ feature 'Moderate users' do visit root_path click_link 'Sign in' - fill_in 'user_email', with: citizen.email + fill_in 'user_login', with: citizen.email fill_in 'user_password', with: citizen.password click_button 'Enter' - expect(page).to have_content 'Invalid email or password' + expect(page).to have_content 'Invalid login or password' expect(current_path).to eq(new_user_session_path) end diff --git a/spec/features/welcome_spec.rb b/spec/features/welcome_spec.rb index 73cd65f5c..ce06befcc 100644 --- a/spec/features/welcome_spec.rb +++ b/spec/features/welcome_spec.rb @@ -18,7 +18,7 @@ feature "Welcome screen" do visit email_path(email_verification_token: encrypted) - fill_in 'user_email', with: user.email + fill_in 'user_login', with: user.email fill_in 'user_password', with: user.password click_button 'Enter' diff --git a/spec/support/common_actions.rb b/spec/support/common_actions.rb index e0fdfe425..327943931 100644 --- a/spec/support/common_actions.rb +++ b/spec/support/common_actions.rb @@ -18,7 +18,7 @@ module CommonActions visit root_path click_link 'Sign in' - fill_in 'user_email', with: user.email + fill_in 'user_login', with: user.email fill_in 'user_password', with: user.password click_button 'Enter' From 2f895d2f6be3c1ef7f60cd50eb8378b19475d8b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= Date: Tue, 13 Jun 2017 12:22:48 +0200 Subject: [PATCH 5/5] removes else case --- app/models/user.rb | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 0eacd47bd..a9318aed0 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -291,12 +291,9 @@ class User < ActiveRecord::Base # overwritting of Devise method to allow login using email OR username def self.find_for_database_authentication(warden_conditions) conditions = warden_conditions.dup - if login = conditions.delete(:login) - where(conditions.to_hash).where(["lower(email) = ?", login.downcase]).first || - where(conditions.to_hash).where(["username = ?", login]).first - elsif conditions.has_key?(:username) || conditions.has_key?(:email) - where(conditions.to_hash).first - end + login = conditions.delete(:login) + where(conditions.to_hash).where(["lower(email) = ?", login.downcase]).first || + where(conditions.to_hash).where(["username = ?", login]).first end private