Authlogic 2.0.11

Authlogic Example App - Tutorial on how to create this app and easily setup Authlogic

Ruby ruby 1.8.6 (2008-08-11 patchlevel 287) [i386-mswin32]
Ruby on Rails 2.3.2
Authlogic 2.0.11

インストール

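# Install the exact release this walkthrough targets (Authlogic 2.0.11).
# An unpinned install fetches whatever version is newest at install time.
gem install authlogic -v 2.0.11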

config/environment.rb

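# Declare the gem with the version used in this walkthrough so every
# environment loads the same Authlogic release.
config.gem "authlogic", :version => "2.0.11"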

セッションUserSessionの作成

# Generates the session model listed next (app/models/user_session.rb).
ruby script/generate session user_session

app/models/user_session.rb

# Login session object. It adds nothing of its own; all behaviour comes from
# Authlogic::Session::Base. UserSessionsController builds one from
# params[:user_session], saves it to log in and destroys it to log out.
class UserSession < Authlogic::Session::Base
end

Userの作成

# Generates the User model and a migration with the four string columns below.
# crypted_password, password_salt and persistence_token are credential material:
# keep them out of views, logs and any serialized output.
# NOTE(review): this command creates no unique index on login; uniqueness would
# then rest on model validation alone - consider adding one in the migration.
ruby script/generate model user login:string crypted_password:string password_salt:string persistence_token:string

app/models/user.rb

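# Account model. acts_as_authentic wires in Authlogic's login and password handling.
class User < ActiveRecord::Base
  acts_as_authentic

  # UsersController passes params[:user] straight to User.new and
  # update_attributes. Whitelist only the fields the forms submit so a request
  # cannot assign crypted_password, password_salt or persistence_token directly.
  attr_accessible :login, :password, :password_confirmation
end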

UserSessionsControllerの作成

# Generates the controller that handles login and logout.
ruby script/generate controller user_sessions

app/controllers/application_controller.rb

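# Base controller: CSRF protection, password filtering in the request log, and
# the login-state helpers and filters shared by the other controllers.
class ApplicationController < ActionController::Base
  helper :all
  # Rejects state-changing requests that do not carry the form authenticity token.
  protect_from_forgery

  helper_method :current_user_session, :current_user
  # Keeps submitted passwords out of the request log.
  filter_parameter_logging :password, :password_confirmation

  private
    # Returns the UserSession found for this request (nil when there is none).
    # Memoized with defined? so that a nil result is not looked up a second time.
    def current_user_session
      return @current_user_session if defined?(@current_user_session)
      @current_user_session = UserSession.find
    end

    # Returns the record behind the current session, or a falsy value when
    # nobody is logged in. Memoized the same way as current_user_session.
    def current_user
      return @current_user if defined?(@current_user)
      @current_user = current_user_session && current_user_session.record
    end

    # before_filter: only logged-in users pass. Anyone else has the requested
    # location remembered and is redirected to the login form.
    def require_user
      unless current_user
        store_location
        flash[:notice] = "You must be logged in to access this page"
        redirect_to new_user_session_url
        return false
      end
    end

    # before_filter: only logged-out visitors pass (login and registration pages).
    def require_no_user
      if current_user
        store_location
        flash[:notice] = "You must be logged out to access this page"
        redirect_to account_url
        return false
      end
    end

    # Remembers where the visitor was heading so login can send them back.
    # Only GET requests are stored: the value is later used as a redirect
    # target, and a redirect is followed with GET, so the URI of a
    # POST/PUT/DELETE request would land on a different (or missing) action.
    # request_uri is taken from the current request to this app, so the stored
    # value is a local path rather than a caller-supplied URL.
    def store_location
      session[:return_to] = request.request_uri if request.get?
    end

    # Redirects to the remembered location, or to +default+ when none is stored,
    # and clears the stored value so it is used at most once.
    def redirect_back_or_default(default)
      target = session[:return_to] || default
      session[:return_to] = nil
      redirect_to(target)
    end
end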

app/controllers/user_sessions_controller.rb

# Login (new/create) and logout (destroy) for the single UserSession resource.
#
# NOTE(review): nothing visible in this controller rotates the Rails session id
# at login; confirm whether Authlogic or the app does so elsewhere.
# NOTE(review): the users table in this walkthrough has no failed_login_count
# column; confirm how repeated failed logins are limited.
class UserSessionsController < ApplicationController
  # The login form is for logged-out visitors; logout needs a logged-in user.
  before_filter :require_no_user, :only => [:new, :create]
  before_filter :require_user, :only => :destroy

  # Renders an empty login form.
  def new
    @user_session = UserSession.new
  end

  # Attempts to log in with the submitted credentials. On failure the form is
  # shown again with the session object's errors.
  def create
    @user_session = UserSession.new(params[:user_session])
    unless @user_session.save
      render :action => :new
      return
    end

    flash[:notice] = "Login successful!"
    redirect_back_or_default account_url
  end

  # Logs out by destroying the current session object.
  def destroy
    current_user_session.destroy
    flash[:notice] = "Logout successful!"
    redirect_back_or_default new_user_session_url
  end
end

app/views/user_sessions/new.html.erb

<%# Login form bound to @user_session; it submits to user_session_path (UserSessionsController#create). %>
<%# With protect_from_forgery enabled, form_for includes the authenticity token in the form. %>
<h1>Login</h1>
<% form_for @user_session, :url => user_session_path do |f| %>
  <%= f.error_messages %>
  <%= f.label :login %><br />
  <%= f.text_field :login %><br />
  <br />
  <%= f.label :password %><br />
  <%= f.password_field :password %><br />
  <br />
  <%= f.submit "Login" %>
<% end %>

config/routes.rb

# Singular resource: the session is addressed without an :id (user_session_path).
map.resource :user_session
# The site root renders the login form.
map.root :controller => "user_sessions", :action => "new"

UsersControllerの作成

# Generates the controller that handles registration and the account pages.
ruby script/generate controller users

app/controllers/users_controller.rb

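# Registration (new/create) and the logged-in user's own account pages
# (show/edit/update). The account actions always work on current_user and never
# on an id taken from the request, so one account cannot address another.
class UsersController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]
  before_filter :require_user, :only => [:show, :edit, :update]

  # Renders the registration form.
  def new
    @user = User.new
  end

  # Registers a new account. params[:user] is mass-assigned as submitted, so the
  # User model must limit which attributes a request may set (attr_accessible).
  def create
    @user = User.new(params[:user])
    if @user.save
      flash[:notice] = "Account registered!"
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end

  # Uses the current_user helper rather than reading @current_user directly, so
  # the action does not depend on a filter having populated the variable first.
  def show
    @user = current_user
  end

  def edit
    @user = current_user
  end

  # Updates the logged-in user's own record. The same mass-assignment caveat as
  # in create applies to params[:user] here.
  def update
    @user = current_user # makes our views "cleaner" and more consistent
    if @user.update_attributes(params[:user])
      flash[:notice] = "Account updated!"
      redirect_to account_url
    else
      render :action => :edit
    end
  end
end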

app/views/users/_form.html.erb

<%# Fields shared by the register and edit forms; `form` is the form builder passed in via :object. %>
<%# These three fields (login, password, password_confirmation) are the only user attributes the forms submit. %>
<%= form.label :login %><br />
<%= form.text_field :login %><br />
<br />
<%# New records get the default label text (nil); existing records are labelled "Change password". %>
<%= form.label :password, form.object.new_record? ? nil : "Change password" %><br />
<%= form.password_field :password %><br />
<br />
<%= form.label :password_confirmation %><br />
<%= form.password_field :password_confirmation %><br />

app/views/users/edit.html.erb

<%# Edit form for the logged-in user's own record (@user is set in UsersController#edit); submits to account_path. %>
<h1>Edit My Account</h1>
<% form_for @user, :url => account_path do |f| %>
  <%= f.error_messages %>
  <%= render :partial => "form", :object => f %>
  <%= f.submit "Update" %>
<% end %>
<br />
<%= link_to "My Profile", account_path %>

app/views/users/new.html.erb

<%# Registration form for a new User (@user is set in UsersController#new); submits to account_path. %>
<h1>Register</h1>
<% form_for @user, :url => account_path do |f| %>
  <%= f.error_messages %>
  <%= render :partial => "form", :object => f %>
  <%= f.submit "Register" %>
<% end %>

app/views/users/show.html.erb

<%# Profile page. The login is user-supplied text, so it is passed through h() to HTML-escape it; %>
<%# Rails 2.3 templates do not escape output automatically. %>
<p>
  <b>Login:</b>
  <%=h @user.login %>
</p>
<%= link_to 'Edit', edit_account_path %>

config/routes.rb

# Singular "account" resource served by UsersController: the account pages carry no :id.
map.resource :account, :controller => "users"
# NOTE(review): this also exposes the plural, id-based /users routes. The
# UsersController shown above defines no index or destroy action and never reads
# params[:id]; confirm these routes are wanted, or restrict them.
map.resources :users