summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/assets/stylesheets/patch54
-rw-r--r--app/controllers/sessions_controller.rb35
-rw-r--r--app/helpers/sessions_helper.rb22
-rw-r--r--app/models/match.rb4
-rw-r--r--app/views/sessions/new.html.erb43
5 files changed, 56 insertions, 102 deletions
diff --git a/app/assets/stylesheets/patch b/app/assets/stylesheets/patch
deleted file mode 100644
index 0997417..0000000
--- a/app/assets/stylesheets/patch
+++ /dev/null
@@ -1,54 +0,0 @@
-commit 10f01633176ca214e7aec6be61ed3344035ec77e
-Merge: 99dff7e 20f7b74
-Author: webb39 <webb39@purdue.edu>
-Date: Mon Mar 10 20:41:27 2014 -0400
-
- Merge branch 'master' of https://github.com/LukeShu/Leaguer
-
-commit 99dff7e01a65986338824804651367e97a0d1923
-Merge: 1f00553 f0c03cd
-Author: webb39 <webb39@purdue.edu>
-Date: Mon Mar 10 20:41:16 2014 -0400
-
- Merge https://github.com/LukeShu/Leaguer
-
- Conflicts:
- doc/Sprint1-Retrospective.md
-
-commit 1f00553cbc5d281efe3ac1b434d16537a17bc969
-Author: webb39 <webb39@purdue.edu>
-Date: Mon Mar 10 20:36:31 2014 -0400
-
- added match controller information
-
-diff --git a/doc/Sprint1-Retrospective.md b/doc/Sprint1-Retrospective.md
-index 3da3669..ae1b07a 100644
---- a/doc/Sprint1-Retrospective.md
-+++ b/doc/Sprint1-Retrospective.md
-@@ -97,13 +97,24 @@ f
- f
-
- ## Login (UI) {#login-ui}
--
-+
- ## Tournament settings {#tourney-settings}
--
-+
- ## Tournament registration {#tourney-registration}
-
- ## Match controller {#match-controller}
-
-+The Match Controller creates the separate matches for a specific tournament.
-+When a tournament is started, it begins with an initial match that contains
-+no players. Currently, a player must join a match by entering the specific
-+tournament (by clicking the 'show' button on the tournament),
-+then they must enter the match (again by clicking the 'show' button but this
-+time on the match they desire to participate in) and then finally clicking
-+the 'join' button. This updates the match with the user as a participant in
-+the matc and then finally clicking the 'join' button. This updates the match
-+with the user as a participant in the match. A match can also be destroyed
-+by clicking the 'delete' button on the no longer desired match on the page.
-+
- ## Permissions system {#permissions}
-
- ## Tournament view {#tourney-view}
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index dfaeebc..5d96b3e 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -2,26 +2,24 @@ class SessionsController < ApplicationController
# GET /sessions/new
def new
- @user = User.new
- #@session = Session.new
end
# POST /sessions
# POST /sessions.json
def create
# find the user...
- @user = User.find_by_email(params[:session][:username_or_email]) || User.find_by_user_name(params[:session][:username_or_email])
+ user = User.find_by_email(params[:username_or_email].to_s) || User.find_by_user_name(params[:username_or_email].to_s)
#@session = Session.new(@user)
# ... and create a new session
respond_to do |format|
- if @user && @user.authenticate(params[:session][:password])
- sign_in @user
- format.html { redirect_to root_path }
+ if user && user.authenticate(params[:password].to_s)
+ sign_in user
+ format.html { redirect_to root_path, notice: "Welcome, #{user.name}" } # TODO; previous URL
#format.json { # TODO }
else
format.html { render action: 'new' }
- format.json { render json: @user.errors, status: :unprocessable_entity }
+ format.json { render json: user.errors, status: :unprocessable_entity }
end
end
end
@@ -38,14 +36,23 @@ class SessionsController < ApplicationController
end
private
- # Use callbacks to share common setup or constraints between actions.
- def set_session
- @token = Session.hash_token(cookies[:remember_token])
- @session = Session.find_by(token: @token)
+
+ # Only allow creating a session if not logged in.
+ def check_create
+ unless current_user.nil?
+ respond_to do |format|
+ format.html { redirect_to root_path, notice: "You are already logged in" } # TODO: previous URL
+ format.json { render json: {"errors" => ["already logged in"]}, status: :forbidden }
+ end
+ end
end
- # Never trust parameters from the scary internet, only allow the white list through.
- def session_params
- params.require(:session).permit(:session_email, :session_user_name, :session_password)
+ def check_delete
+ unless signed_in?
+ respond_to do |format|
+ format.html { redirect_to root_path, notice: "You are not logged in" } # TODO: previous URL
+ format.json { render json: {"errors" => ["not logged in"]}, status: :forbidden }
+ end
+ end
end
end
diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb
index 499e988..7599a0a 100644
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@@ -2,25 +2,24 @@ require 'user'
module SessionsHelper
def sign_in(user)
- @session = Session.new(user: user)
- raw_token = @session.create_token
- @session.save # FIXME: error handling
+ session = Session.new(user: user)
+ raw_token = session.create_token
+ session.save!
- @token = Session.hash_token(raw_token)
+ token = Session.hash_token(raw_token)
cookies.permanent[:remember_token] = { value: raw_token, expires: 20.minutes.from_now.utc }
+ end
- #set the current user to be the given user
- @current_user = user
+ def current_session
+ Session.find_by(token: Session.hash_token(cookies[:remember_token]))
end
- # sets the @current_user instance virable to the user corresponding
+ # sets the @current_user instance varable to the user corresponding
# to the remember token, but only if @current_user is undefined
# since the remember token is hashed, we need to hash the cookie
# to find match the remember token
def current_user
- @token ||= Session.hash_token(cookies[:remember_token])
- @session ||= Session.find_by(token: @token)
- @current_user ||= (@session.nil? ? User::NilUser.new : @session.user)
+ return (current_session.nil? ? User::NilUser.new : current_session.user)
end
# checks if someone is currently signed in
@@ -30,9 +29,8 @@ module SessionsHelper
def sign_out
if signed_in?
- @session.destroy
+ current_session.destroy
end
- @current_user = User::NilUser.new
cookies.delete(:remember_token)
end
diff --git a/app/models/match.rb b/app/models/match.rb
index 65e2047..cdfa0d7 100644
--- a/app/models/match.rb
+++ b/app/models/match.rb
@@ -19,7 +19,7 @@ class Match < ActiveRecord::Base
# such that the match may be considered finished.
def finished?
ok = true
- tournament_stage.scoring.stats_needed.each do |stat|
+ tournament_stage.scoring.stats_needed(self).each do |stat|
self.users.each do |user|
ok &= statistics.where(match: self, user: user, name: stat)
end
@@ -87,7 +87,7 @@ class Match < ActiveRecord::Base
def figure_sampling_methods
if @sampling_methods.nil?
data = {}
- needed = self.tournament_stage.scoring.stats_needed
+ needed = self.tournament_stage.scoring.stats_needed(self)
methods_names = self.tournament_stage.tournament.sampling_methods
methods_names.each do |method_name|
method_class = "Sampling::#{method_name.camelcase}".constantize
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index ff27762..97f09b6 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -1,23 +1,26 @@
<h1>Sign in</h1>
-<% if @user.nil? %>
- <p class="errors"> The email/username or password is incorrect. Verify that CAPS LOCK is not on, and then retype the current email/username and password. </p>
-<% end %>
- <div class="span6 offset3">
- <%= form_for(:session, url: sessions_path) do |f| %>
- <p>
- <%= f.label(:username_or_email, "Username/Email") %><br/>
- <%= f.text_field :username_or_email%>
- </p>
- <p>
- <%= f.label :password %><br/>
- <%= f.password_field :password %>
- </p>
- <p>
- <%= f.submit "Log in", class: "signin" %>
- </p>
- <% end %>
-
- <p>New user? <%= link_to("Sign up now!", new_user_path) %></p>
- </div>
+<div>
+ <%= form_tag(sessions_path, method: :post, id: :new_session) do %>
+ <% if params[:action] == "create" %>
+ <div id="error_explanation">
+ <p>The username/password pair you entered did
+ not match our records. Check your typing and
+ try again.</p>
+ </div>
+ <% end %>
+ <p>
+ <%= label_tag(:username_or_email, "Username/Email") %><br/>
+ <%= text_field_tag(:username_or_email) %>
+ </p>
+ <p>
+ <%= label_tag(:password) %><br/>
+ <%= password_field_tag(:password) %>
+ </p>
+ <p>
+ <%= submit_tag("Log in", class: :signin) %>
+ </p>
+ <% end %>
+ <p>New user? <%= link_to("Sign up now!", new_user_path) %></p>
+</div>