Commit 7a2c16fa2d71d6bb2a78cc0df2ce607d96109ce3

Date: Sat Jan 12 18:59:46 +0000 2008
Committer: Johan Sørensen (johan@johansorensen.com)
Author: Johan Sørensen (johan@johansorensen.com)
Commit SHA1: 7a2c16fa2d71d6bb2a78cc0df2ce607d96109ce3
Tree SHA1: 1d15c385e2dc3f66cf5942a361810d39d855ea3f

moved changing of password to a seperate page

Commit diff
Comments (0)

app/views/accounts/password.html.erb 25 +++++++++++++++++++++++++
app/controllers/accounts_controller.rb 21 +++++++++++++++++++++
spec/controllers/accounts_controller_spec.rb 27 +++++++++++++++++++++++++++
app/views/accounts/edit.html.erb 9 --------+
app/models/user.rb 2 -+
config/routes.rb 2 -+

Commit diff

Diff rendering mode:
inline
side by side

app/controllers/accounts_controller.rb


18	18	render :action => "edit"
19	19	end
20	20	end
	21
	22	def password
	23	@user = current_user
	24	end
	25
	26	def update_password
	27	@user = current_user
	28	if User.authenticate(current_user.email, params[:user][:current_password])
	29	@user.password = params[:user][:password]
	30	@user.password_confirmation = params[:user][:password_confirmation]
	31	if @user.save
	32	flash[:notice] = "Your password has been changed"
	33	redirect_to account_path
	34	else
	35	render :action => "password"
	36	end
	37	else
	38	flash[:error] = "Your current password doesn't seem to match the one your supplied"
	39	render :action => "password"
	40	end
	41	end
21	42	end
toggle raw diff
--- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -18,4 +18,25 @@ class AccountsController < ApplicationController render :action => "edit" end end + + def password + @user = current_user + end + + def update_password + @user = current_user + if User.authenticate(current_user.email, params[:user][:current_password]) + @user.password = params[:user][:password] + @user.password_confirmation = params[:user][:password_confirmation] + if @user.save + flash[:notice] = "Your password has been changed" + redirect_to account_path + else + render :action => "password" + end + else + flash[:error] = "Your current password doesn't seem to match the one your supplied" + render :action => "password" + end + end end

app/models/user.rb


8	8	has_many :comments
9	9
10	10	# Virtual attribute for the unencrypted password
11		~~attr_accessor :password~~
	11	attr_accessor :password, :current_password
12	12
13	13	attr_protected :login
14	14
toggle raw diff
--- a/app/models/user.rb +++ b/app/models/user.rb @@ -8,7 +8,7 @@ class User < ActiveRecord::Base has_many :comments # Virtual attribute for the unencrypted password - attr_accessor :password + attr_accessor :password, :current_password attr_protected :login

app/views/accounts/edit.html.erb


14	14	<%= f.label :url, "url <small>blog etc</small>" -%><br />
15	15	<%= f.text_field :url, :class => "text" -%>
16	16	</p>
17		~~<p>~~
18		~~<%= f.label :password -%><br />~~
19		~~<%= f.password_field :password, :class => "text" -%>~~
20		~~</p>~~
21		~~<p>~~
22		~~<%= f.label :password_confirmation -%><br />~~
23		~~<%= f.password_field :password_confirmation, :class => "text" -%>~~
24		~~</p>~~
25	17	<%= f.submit "Save" -%>
26	18	<% end -%>
27	19
28	20	<% content_for :submenu do -%>
29	21	<ul>
30	22	<li><%= link_to "← My account", account_path -%></li>
	23	<li><%= link_to "→ Change password", password_account_path -%></li>
31	24	</ul>
32	25	<% end -%>
toggle raw diff
--- a/app/views/accounts/edit.html.erb +++ b/app/views/accounts/edit.html.erb @@ -14,19 +14,12 @@ <%= f.label :url, "url <small>blog etc</small>" -%><br /> <%= f.text_field :url, :class => "text" -%> </p> - <p> - <%= f.label :password -%><br /> - <%= f.password_field :password, :class => "text" -%> - </p> - <p> - <%= f.label :password_confirmation -%><br /> - <%= f.password_field :password_confirmation, :class => "text" -%> - </p> <%= f.submit "Save" -%> <% end -%> <% content_for :submenu do -%> <ul> <li><%= link_to "← My account", account_path -%></li> + <li><%= link_to "→ Change password", password_account_path -%></li> </ul> <% end -%> \ No newline at end of file

app/views/accounts/password.html.erb


	1	<h1>Edit your account</h1>
	2	<%= error_messages_for :user -%>
	3
	4	<% form_for @user, :url => update_password_account_path, :method => :put do \|f\| -%>
	5	<p>
	6	<%= f.label :current_password -%><br />
	7	<%= f.password_field :current_password, :class => "text" -%>
	8	</p>
	9	<p>
	10	<%= f.label :password, "New password" -%><br />
	11	<%= f.password_field :password, :class => "text" -%>
	12	</p>
	13	<p>
	14	<%= f.label :password_confirmation, "New password confirmation" -%><br />
	15	<%= f.password_field :password_confirmation, :class => "text" -%>
	16	</p>
	17	<%= f.submit "Change password" -%>
	18	<% end -%>
	19
	20	<% content_for :submenu do -%>
	21	<ul>
	22	<li><%= link_to "← My account", account_path -%></li>
	23	<li><%= link_to "← Edit details", edit_account_path -%></li>
	24	</ul>
	25	<% end -%>
toggle raw diff
--- /dev/null +++ b/app/views/accounts/password.html.erb @@ -0,0 +1,25 @@ +<h1>Edit your account</h1> +<%= error_messages_for :user -%> + +<% form_for @user, :url => update_password_account_path, :method => :put do \|f\| -%> + <p> + <%= f.label :current_password -%><br /> + <%= f.password_field :current_password, :class => "text" -%> + </p> + <p> + <%= f.label :password, "New password" -%><br /> + <%= f.password_field :password, :class => "text" -%> + </p> + <p> + <%= f.label :password_confirmation, "New password confirmation" -%><br /> + <%= f.password_field :password_confirmation, :class => "text" -%> + </p> + <%= f.submit "Change password" -%> +<% end -%> + +<% content_for :submenu do -%> + <ul> + <li><%= link_to "← My account", account_path -%></li> + <li><%= link_to "← Edit details", edit_account_path -%></li> + </ul> +<% end -%> \ No newline at end of file

config/routes.rb


20	20
21	21	map.root :controller => "site", :action => "index"
22	22
23		~~map.resource :account do \|account\|~~
	23	map.resource :account, :member => {:password => :get, :update_password => :put} do \|account\|
24	24	account.resources :keys
25	25	end
26	26	map.resources :users
toggle raw diff
--- a/config/routes.rb +++ b/config/routes.rb @@ -20,7 +20,7 @@ ActionController::Routing::Routes.draw do \|map\| map.root :controller => "site", :action => "index" - map.resource :account do \|account\| + map.resource :account, :member => {:password => :get, :update_password => :put} do \|account\| account.resources :keys end map.resources :users

spec/controllers/accounts_controller_spec.rb


27	27	put :update, :user => {:password => "fubar", :password_confirmation => "fubar"}
28	28	flash[:notice].should_not be(nil)
29	29	response.should redirect_to(account_path)
	30	end
	31
	32	it "GET /account/password is a-ok" do
	33	get :password
	34	response.should be_success
	35	assigns[:user].should == users(:johan)
	36	end
	37
	38	it "PUT /account/update_password updates password if old one matches" do
	39	put :update_password, :user => {
	40	:current_password => "test",
	41	:password => "fubar",
	42	:password_confirmation => "fubar" }
	43	response.should redirect_to(account_path)
	44	flash[:notice].should match(/Your password has been changed/i)
30	45	User.authenticate(users(:johan).email, "fubar").should == users(:johan)
31	46	end
	47
	48	it "PUT /account/update_password does not update password if old one is wrong" do
	49	put :update_password, :user => {
	50	:current_password => "notthecurrentpassword",
	51	:password => "fubar",
	52	:password_confirmation => "fubar" }
	53	flash[:notice].should == nil
	54	flash[:error].should match(/doesn't seem to match/)
	55	response.should render_template("accounts/password")
	56	User.authenticate(users(:johan).email, "test").should == users(:johan)
	57	User.authenticate(users(:johan).email, "fubar").should == nil
	58	end
32	59
33	60	end
toggle raw diff
--- a/spec/controllers/accounts_controller_spec.rb +++ b/spec/controllers/accounts_controller_spec.rb @@ -27,7 +27,34 @@ describe AccountsController do put :update, :user => {:password => "fubar", :password_confirmation => "fubar"} flash[:notice].should_not be(nil) response.should redirect_to(account_path) + end + + it "GET /account/password is a-ok" do + get :password + response.should be_success + assigns[:user].should == users(:johan) + end + + it "PUT /account/update_password updates password if old one matches" do + put :update_password, :user => { + :current_password => "test", + :password => "fubar", + :password_confirmation => "fubar" } + response.should redirect_to(account_path) + flash[:notice].should match(/Your password has been changed/i) User.authenticate(users(:johan).email, "fubar").should == users(:johan) end + + it "PUT /account/update_password does not update password if old one is wrong" do + put :update_password, :user => { + :current_password => "notthecurrentpassword", + :password => "fubar", + :password_confirmation => "fubar" } + flash[:notice].should == nil + flash[:error].should match(/doesn't seem to match/) + response.should render_template("accounts/password") + User.authenticate(users(:johan).email, "test").should == users(:johan) + User.authenticate(users(:johan).email, "fubar").should == nil + end end

Gitorious

Commit 7a2c16fa2d71d6bb2a78cc0df2ce607d96109ce3

Commit diff

app/controllers/accounts_controller.rb

app/models/user.rb

app/views/accounts/edit.html.erb

app/views/accounts/password.html.erb

config/routes.rb

spec/controllers/accounts_controller_spec.rb