Added Session controller and helper. Also update user to have a remember_token

author: DavisLWebb <davislwebb@ymail.com> 2014-03-02 17:53:03 -0500
committer: DavisLWebb <davislwebb@ymail.com> 2014-03-02 17:53:03 -0500
commit: 2005734a8ea64cd29d681db81c2bec45c64023b6 (patch)
tree: 31b5c1c8f7df84753d6f93b86a8e4811ab00785e
parent: 7d84062ebe272855c0e6ebbfd991ab277fdc079f (diff)
3 files changed, 52 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 03ef797..01058e3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,6 +4,6 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 	
 	#include sessionhelper for the session controller and view
-	include SessionHelper
+	include SessionsHelper
 
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index f4e1499..24d319a 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -3,6 +3,17 @@ class UsersController < ApplicationController
 	def new
 	end
 
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      sign_in @user
+      flash[:success] = "Welcome to the Sample App!"
+      redirect_to @user
+    else
+      render 'new'
+    end
+  end
+
 	def show
 		@user = User.find(param[:id])
 	end
diff --git a/app/models/user.rb b/app/models/user.rb
index 17795cc..6765822 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -5,6 +5,14 @@ before_save { self.user_name = user_name.downcase }
 
 =begin
 
+Rails looks for the create_remember_token
+and runs it before anything else
+=end
+
+before_create :create_remember_token
+
+=begin
+
 VAILD_EMAIL is the regex used to valid a user given email.
 
 A break down of the regex is listed below.
@@ -72,6 +80,38 @@ has_secure_password which does all of this for me
 
 	validates :password, length: { minimum: 6 }
 
+	# create a random remember token for the user
+  def User.new_remember_token
+    SecureRandom.urlsafe_base64
+  end
+	
+	# encrypt the remember token
+  def User.hash(token)
+    Digest::SHA1.hexdigest(token.to_s)
+  end
+
+=begin
+
+SHA-1 (Secure Hash Algorithm) is a US engineered hash
+function that produces a 20 byte hash value which typically
+forms a hexadecimal number 40 digits long. 
+The reason I am not using the Bcrypt algorithm is because
+SHA-1 is much faster and I will be calling this on
+every page a user accesses.
+
+https://en.wikipedia.org/wiki/SHA-1
+
+=end
+
+	# everything under private is hidden so you cannot call
+	# create_remember_token in order to ensure security
+	private
+		
+		#assign user a create remember token
+		  def create_remember_token
+		    self.remember_token = User.hash(User.new_remember_token)
+		  end
+
 =begin
 
 in order to ensure that someone did not accidently submit
author	DavisLWebb <davislwebb@ymail.com>	2014-03-02 17:53:03 -0500
committer	DavisLWebb <davislwebb@ymail.com>	2014-03-02 17:53:03 -0500
commit	2005734a8ea64cd29d681db81c2bec45c64023b6 (patch)
tree	31b5c1c8f7df84753d6f93b86a8e4811ab00785e
parent	7d84062ebe272855c0e6ebbfd991ab277fdc079f (diff)