nelson corrêa viana júnior

Setembro 6, 2007

RoR: Sistema simples de autenticação

Arquivado em: programação, ruby on rails, software livre — nel @ 16:45:02

Model

1) script/generate model user
1.1) edite o arquivo db/migrate/XXX_create_users.rb

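# Creates the +users+ table used by the User model.
#
# Only the password digest is persisted. The User model in this tutorial
# declares +password+ with attr_accessor, i.e. as an in-memory attribute, so a
# NOT NULL +password+ column would either reject every insert or invite
# someone to store the clear-text password in it. The column is therefore
# not created.
class CreateUsers < ActiveRecord::Migration
  def self.up
    create_table :users do |t|
      t.column :firstname, :string
      t.column :lastname, :string
      t.column :username, :string, :null => false
      # 40 characters is the length of a hex-encoded SHA-1 digest, which is
      # what User.hashed produces. A salted, adaptive scheme would need a
      # wider column (and usually a salt column) -- change both together.
      t.column :hashed_password, :string, :limit => 40, :null => false
      # Boolean default written as a boolean rather than 0; NOT NULL so the
      # privilege flag can never be in an "unknown" state.
      t.column :admin, :boolean, :default => false, :null => false
    end

    # validates_uniqueness_of alone is a check-then-insert and can race;
    # the unique index makes the database enforce one row per username.
    add_index :users, :username, :unique => true
  end

  def self.down
    drop_table :users
  end
end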

1.2) edite o app/models/user.rb

require 'sha1'

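# Account record. The clear-text password exists only in memory (virtual
# +password+ attribute); the database stores +hashed_password+.
class User < ActiveRecord::Base

  # Virtual attribute: never written to the database directly.
  attr_accessor :password

  # Neither the stored digest nor the privilege flag may be set through
  # mass assignment (User.new(params[:user]) / update_attributes), otherwise
  # a crafted form post could overwrite the digest or grant itself admin.
  attr_protected :hashed_password, :admin

  # Password rules apply when a record is created or when a new password has
  # been supplied; saving an existing record for other reasons must not fail
  # just because the in-memory password is empty.
  PASSWORD_SUPPLIED = lambda { |user| user.new_record? || !user.password.blank? }

  validates_presence_of :password, :password_confirmation,
    :if => PASSWORD_SUPPLIED

  validates_uniqueness_of :username
  validates_confirmation_of :password, :on => :create,
    :if => PASSWORD_SUPPLIED
  validates_length_of :password, :within => 5..40,
    :if => PASSWORD_SUPPLIED

  # Returns the hex SHA-1 digest of +str+.
  #
  # NOTE(review): this is a single, unsalted SHA-1 round. Identical passwords
  # produce identical digests and offline guessing against a leaked table is
  # cheap. A salted, deliberately slow password hash (bcrypt, PBKDF2, ...)
  # is the appropriate replacement; it needs a wider hashed_password column
  # and a migration of existing digests, so it is flagged here rather than
  # swapped in silently.
  def self.hashed(str)
    SHA1.new(str.to_s).to_s
  end

  # Looks up the user named in +user_info+ and returns it when the supplied
  # password matches the stored digest; returns nil otherwise.
  #
  # +user_info+ comes straight from request parameters, so anything that is
  # not a hash with non-blank :username and :password is rejected instead of
  # being allowed to raise or to reach the finder as an array/hash value.
  def self.authenticate(user_info)
    return nil unless user_info.is_a?(Hash)

    username = user_info[:username]
    password = user_info[:password]
    return nil if username.blank? || password.blank?

    user = find_by_username(username.to_s)
    return nil unless user

    user.hashed_password == hashed(password) ? user : nil
  end

  # before_save also runs on updates, so a separate before_update
  # registration would only run the same callback twice.
  before_save :hash_password

  private

  # Callback: refreshes the stored digest when a new password was supplied.
  #
  # It must not be called +hashed_password+: an instance method of that name
  # replaces the reader for the hashed_password column, the reader then
  # returns nil for every record loaded from the database (their in-memory
  # password is blank), and authenticate can never match.
  def hash_password
    unless password.blank?
      self.hashed_password = self.class.hashed(password)
    end
  end
end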

Controller

2) script/generate controller user index login process_login logout update_password
2.1) edite o arquivo app/controllers/user_controller.rb

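# Login, logout and "my account" actions.
class UserController < ApplicationController

  # update_password changes the signed-in account, so it needs the same
  # guard as my_account; without it an anonymous POST reaches
  # session_user.id with no user in the session.
  before_filter :login_required, :only => [:my_account, :update_password]

  # Shows the login form.
  def index
    render :action => "login"
  end

  # Prepares the object behind the login form; the username is pre-filled
  # after a failed attempt.
  def login
    @user = User.new
    @user.username = params[:username]
  end

  # Checks the submitted credentials and starts the session.
  def process_login
    # params[:user] is absent or not a hash when the request was not produced
    # by the login form; treat that as a failed login instead of raising.
    credentials = params[:user].is_a?(Hash) ? params[:user] : {}

    if user = User.authenticate(credentials)
      return_to = session[:return_to]
      # Start from a fresh session so an identifier planted before login
      # (session fixation) is not carried into the authenticated session.
      reset_session
      session[:user] = user.id
      redirect_to return_to || "/"
    else
      flash[:error] = "Invalid login."
      redirect_to :action => "login", :username => credentials[:username]
    end
  end

  # Ends the session's association with the user.
  def logout
    session[:user] = nil
    # Drop the stored target too, so the next login on this session does not
    # jump to a page the previous user asked for.
    session[:return_to] = nil
    flash[:message] = "Logout successfully."
    redirect_to :action => "login"
  end

  # Changes the signed-in user's password (POST only; any other verb just
  # redirects back to the account page).
  #
  # NOTE(review): the form does not ask for the current password and carries
  # no request-forgery token, so a hijacked or cross-site-driven session can
  # change the password. Requiring the current password here is the usual
  # mitigation.
  def update_password
    if request.post?
      form = params[:user].is_a?(Hash) ? params[:user] : {}
      password = form[:password]
      password_confirmation = form[:password_confirmation]

      if password != password_confirmation
        flash["error"] = "Password and/or Password Confirm invalid."
      elsif password.blank?
        flash["error"] = "Password and/or Password Confirm is blank."
      else
        @user = session_user
        @user.password = password
        @user.password_confirmation = password_confirmation
        # Plain save, not update_attribute: update_attribute writes the
        # record without running validations, which let passwords outside
        # the model's length rule through before the later save was tried.
        if @user.save
          flash["message"] = "Password was successfully changed."
        else
          # The redirect below discards @user, so carry the reasons in flash.
          flash["error"] = @user.errors.full_messages.join(" ")
        end
      end
    end
    redirect_to :action => "my_account"
  end

  # Account page; the view reads the signed-in user.
  def my_account
  end
end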

3) agora edite o app/controllers/application.rb

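# Base controller: loads the signed-in user on every request and provides
# the login guard used by the other controllers.
class ApplicationController < ActionController::Base
  before_filter :set_user
  helper_method :session_user

  # Fields the account page edits in place. Generating an in-place action for
  # every content column would also expose columns such as +admin+ and
  # +hashed_password+ as writable endpoints on every controller.
  IN_PLACE_USER_FIELDS = %w(firstname lastname username).freeze
  IN_PLACE_USER_ACTIONS = IN_PLACE_USER_FIELDS.map { |field| "set_user_#{field}" }.freeze

  IN_PLACE_USER_FIELDS.each do |field|
    in_place_edit_for :user, field
  end

  # The generated set_user_* actions pick the record from params[:id], so
  # they must be limited to the signed-in user's own row.
  # NOTE(review): those actions are understood to save with update_attribute,
  # which skips model validations (e.g. username uniqueness) -- confirm for
  # the Rails version in use.
  before_filter :own_account_required, :only => IN_PLACE_USER_ACTIONS

  # Everything below is a filter or helper. Public controller methods are
  # reachable as actions, so keep these out of the routable surface.
  protected

  # Loads the signed-in user into @user. find_by_id returns nil for a stale
  # session id instead of raising on every request once the row is gone.
  def set_user
    @user = User.find_by_id(session[:user]) if @user.nil? && session[:user]
  end

  # Signed-in user (or nil), memoized for the request; exposed to views
  # through helper_method.
  def session_user
    @session_user ||= User.find(:first, :conditions => ["id = ?", session[:user]])
  end

  # before_filter: lets the request through only when a user is signed in.
  def login_required
    return true if @user
    access_denied
    false
  end

  # before_filter for the in-place edit actions: the record being edited
  # must be the signed-in user's own.
  def own_account_required
    return true if @user && params[:id].to_s == @user.id.to_s
    render :text => "Forbidden", :status => "403 Forbidden"
    false
  end

  # Remembers the requested page and sends the visitor to the login form.
  # The stored value is the server-side request URI, not a client-supplied
  # parameter, so the post-login redirect stays on this site.
  def access_denied
    session[:return_to] = request.request_uri
    flash[:error] = "Oops. You need to login before you can view that page."
    redirect_to :controller => "user", :action => "login"
  end
end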

Views

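<!-- app/views/user/login.rhtml -->
<%# Login form. Flash text is passed through h() so that a message which one
    day contains user-supplied text cannot inject markup. %>
<% if flash[:message] %><div><%= h(flash[:message]) %></div><% end %>
<% if flash[:error] %><div><%= h(flash[:error]) %></div><% end %>
<%= form_tag :action => 'process_login' %>
Username: <%= text_field "user", "username" %>
Password: <%= password_field "user", "password" %>
<%= submit_tag %>
<%= end_form_tag %>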

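<!-- app/views/user/my_account.rhtml -->
<%# Account page. First and last name are edited by the user, so they are
    escaped with h() before being written into the page; emitting them raw
    would let stored markup run in the browser of whoever views it. %>
<h2>Account Info</h2>

<%= error_messages_for "user" %>
<% if flash["error"] %><p><%= h(flash["error"]) %></p><% end %>
<% if flash["message"] %><p><%= h(flash["message"]) %></p><% end %>

<h3>Hello! <%= h(session_user.lastname) %>, <%= h(session_user.firstname) %></h3>

<cite>P.S: If you want edit some field, click on value.</cite>
<%# NOTE(review): confirm that in_place_editor_field escapes the stored value
    in the Rails version in use. %>
<p><strong>Firstname:</strong> <%= in_place_editor_field :user, :firstname %></p>
<p><strong>Lastname:</strong> <%= in_place_editor_field :user, :lastname %></p>
<p><strong>Username:</strong> <%= in_place_editor_field :user, :username %></p>
<p>
<%= form_tag :action => "update_password" %>
<strong>New password:</strong>
<br />
<%= password_field "user", "password" %>
<br />
<strong>Confirm:</strong>
<br />
<%= password_field "user", "password_confirmation" %>
<br /><br />
<%= submit_tag "Change my password" %>
<%= end_form_tag %>
</p>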

Layouts

4) crie ou edite o app/views/layouts/application.rhtml

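<%# Site-wide layout; each action's view is rendered where yield appears.
    The default JavaScript bundle is included because the in-place editor
    fields on the account page depend on it. %>
<html>
  <head>
    <title>título</title>
    <%= javascript_include_tag :defaults %>
  </head>
  <body>
    <div id="all">
      <div id="header">
        <h1>header</h1>
      </div>
      <div id="contents">
        <%= yield %>
      </div>
    </div>
  </body>
</html>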
