diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 038fdea..ae16a8c 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,6 +1,7 @@ class ApplicationController < ActionController::Base before_action :set_locale - + protect_from_forgery with: :exception + include SessionsHelper include Pagy::Backend private diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb new file mode 100644 index 0000000..5ae8c34 --- /dev/null +++ b/app/controllers/sessions_controller.rb @@ -0,0 +1,20 @@ +class SessionsController < ApplicationController + def new; end + + def create + user = User.find_by email: params[:session][:email].downcase + if user&.authenticate params[:session][:password] + log_in user + redirect_to root_url + else + @email = params[:session][:email] + flash.now[:danger] = t ".invalid_email_password" + render :new + end + end + + def destroy + log_out + redirect_to root_url + end +end diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb new file mode 100644 index 0000000..40c90f1 --- /dev/null +++ b/app/helpers/sessions_helper.rb @@ -0,0 +1,20 @@ +module SessionsHelper + def log_in user + session[:user_id] = user.id + session[:user_name] = user.name + end + + def current_user + @current_user ||= User.find_by id: session[:user_id] + end + + def logged_in? + current_user.present? + end + + def log_out + session.delete :user_id + session.delete :user_name + @current_user = nil + end +end diff --git a/app/models/user.rb b/app/models/user.rb index b6879b8..4a58797 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
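Review bot: In `SessionsController#create`, `params[:session][:email].downcase` raises NoMethodError when the POST carries no `session` hash or no `email` value, and the `else` branch reads `params[:session][:email]` again, so a malformed request to /login ends in a 500 rather than a failed login. Reading the credentials once with `credentials = params.fetch(:session, {})` and then using `credentials[:email].to_s.downcase` and `credentials[:password]` handles the missing-key case. Nothing in this action limits repeated failures, so unless throttling exists outside this diff, password guessing against /login is unbounded at the application layer. The seeds and locale files in this commit carry an `activated` flag and a `not_activated` message, yet `create` logs in any user whose password matches; if activation is meant to gate login, check it before `log_in user`.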
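Review bot: `log_in` in app/helpers/sessions_helper.rb writes `session[:user_id]` into whatever session the browser already had, so session state established before authentication carries over into the authenticated session; the Rails security guide's countermeasure for session fixation is to call `reset_session` first, which here would be the first line of `log_in`. `log_out` deletes two keys and keeps everything else in the session, where `reset_session` followed by `@current_user = nil` would drop all state tied to the old login. `session[:user_name]` duplicates what `current_user.name` already provides and goes stale if the name changes during the session; consider dropping it.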
@@ -2,4 +2,17 @@ class User < ApplicationRecord has_many :addresses, dependent: :destroy has_many :orders, dependent: :destroy has_many :comments, dependent: :destroy + + has_secure_password + + class << self + def digest string + cost = if ActiveModel::SecurePassword.min_cost + BCrypt::Engine::MIN_COST + else + BCrypt::Engine.cost + end + BCrypt::Password.create string, cost: cost + end + end end diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index d107ed1..e585ce4 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -6,18 +6,17 @@ <%= csrf_meta_tags %> <%= csp_meta_tag %> - - - - - <%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track": "reload" %> <%= javascript_pack_tag "application", "data-turbolinks-track": "reload" %> <%= render "shared/header" %> - <%= yield %> +
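Review bot: In app/models/user.rb the class body shown by this hunk gains `has_secure_password` but no validations, so nothing enforces a minimum password length or email uniqueness; `has_secure_password` by itself only checks presence on create, the confirmation match and the 72-byte maximum. Adding `validates :password, length: {minimum: 8}, allow_nil: true` and `validates :email, presence: true, uniqueness: {case_sensitive: false}` would cover that (the minimum is a suggested value). `SessionsController#create` downcases the submitted email before `find_by`, so the model should store emails lowercased as well, for example `before_save { email.downcase! }`; otherwise an account saved with mixed case may not be found, depending on the column collation. `User.digest` has no caller in this commit and would benefit from a one-line comment saying what it is for; line 1 of the class is outside the hunk.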
+
+ <%= yield %> +
+
<%= render "shared/footer" %> diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb new file mode 100644 index 0000000..27f1bcd --- /dev/null +++ b/app/views/sessions/new.html.erb @@ -0,0 +1,45 @@ +<% provide :title, t(".title") %> +
+
+ +
+
+ <% flash.each do |message_type, message| %> +
<%= message %>
+ <% end %> +
+
+
+
+ +
+
+
+
diff --git a/app/views/shared/_error_messages.html.erb b/app/views/shared/_error_messages.html.erb new file mode 100644 index 0000000..d78ae3b --- /dev/null +++ b/app/views/shared/_error_messages.html.erb @@ -0,0 +1,13 @@ +<% if object.errors.any? %> +
+
+ <%= t "the_form_contains" %> + <%= t "errors.error_message", count: pluralize(@user.errors.count, t("errors.error_singular")) %> +
+ +
+<% end %> diff --git a/app/views/shared/_header.html.erb b/app/views/shared/_header.html.erb index fccc128..8c517e4 100644 --- a/app/views/shared/_header.html.erb +++ b/app/views/shared/_header.html.erb @@ -13,12 +13,22 @@
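Review bot: The partial app/views/shared/_error_messages.html.erb tests `object.errors.any?` but then counts `@user.errors.count`, so it only works when the caller also sets `@user` to the same record; rendered for any other object it either raises on nil or reports the wrong count. Use the local throughout: `count: pluralize(object.errors.count, t("errors.error_singular"))`. Part of this hunk's markup is missing from the page, so the list that prints the individual messages could not be checked.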
-
-
- -
-
+ <%= render "shared/navbar" %> diff --git a/app/views/shared/_navbar.html.erb b/app/views/shared/_navbar.html.erb new file mode 100644 index 0000000..f592b02 --- /dev/null +++ b/app/views/shared/_navbar.html.erb @@ -0,0 +1,23 @@ +
+
+ +
+
diff --git a/app/views/static_pages/home.html.erb b/app/views/static_pages/home.html.erb index 8920a1d..04f8386 100644 --- a/app/views/static_pages/home.html.erb +++ b/app/views/static_pages/home.html.erb @@ -1,43 +1,34 @@ -
-
+<%= render "shared/banner" %> - - <%= render "shared/banner" %> - - -
-

<%= t ".on_sale" %>

-
- <%= link_to "#", class: "link-banner banner-effect-2" do %> -
- <%= image_tag("fashion-accesories-banner.jpg", alt: "", width: "1170", height: "240") %> -
- <% end %> -
-
+
+

<%= t ".on_sale" %>

+
+ <%= link_to "#", class: "link-banner banner-effect-2" do %> +
+ <%= image_tag("fashion-accesories-banner.jpg", alt: "", width: "1170", height: "240") %> +
+ <% end %> +
+
- -
-

<%= t ".latest_products" %>

-
- <%= link_to "#", class: "link-banner banner-effect-2" do %> -
- <%= image_tag("digital-electronic-banner.jpg", alt: "", width: "1170", height: "240") %> -
- <% end %> -
-
+
+

<%= t ".latest_products" %>

+
+ <%= link_to "#", class: "link-banner banner-effect-2" do %> +
+ <%= image_tag("digital-electronic-banner.jpg", alt: "", width: "1170", height: "240") %> +
+ <% end %> +
+
- -
-

<%= t ".product_categories" %>

-
- <%= link_to "#", class: "link-banner banner-effect-2" do %> -
- <%= image_tag("fashion-accesories-banner.jpg", alt: "", width: "1170", height: "240") %> -
- <% end %> -
-
+
+

<%= t ".product_categories" %>

+
+ <%= link_to "#", class: "link-banner banner-effect-2" do %> +
+ <%= image_tag("fashion-accesories-banner.jpg", alt: "", width: "1170", height: "240") %> +
+ <% end %>
-
+ diff --git a/config/locales/en.yml b/config/locales/en.yml index 1381e44..e3f37d9 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -47,3 +47,22 @@ en: languages: en: "English" vi: "Vietnamese" + errors: + error_message: "Please fix the following errors: %{count}" + error_singular: "error" + invalid_email_password_combination: "Invalid email / password combination" + not_activated: "Your account is not activated yet. Please check your email for activation instructions." + sessions: + new: + title: "Login" + new_user: "Create new account" + password: "Password" + login_success: "Login success" + home: "Home" + login_to_account: "Log in to your account" + email: "Email Address" + password: "Password" + remember_me: "Remember me" + forgot_password: "Forgotten password?" + create: + invalid_email_password: "Login fail" diff --git a/config/locales/vi.yml b/config/locales/vi.yml index 4181ee6..e95b5e3 100644 --- a/config/locales/vi.yml +++ b/config/locales/vi.yml @@ -47,3 +47,22 @@ vi: languages: en: English vi: "Tiếng Việt" + errors: + error_message: "Vui lòng sửa các lỗi sau: %{count} " + error_singular: "lỗi" + invalid_email_password_combination: "Email / Mật khẩu không hợp lệ" + not_activated: "Tài khoản của bạn chưa được kích hoạt. Vui lòng kiểm tra email của bạn để biết thêm chi tiết." + sessions: + new: + title: "Đăng Nhập" + new_user: "Bạn chưa có tài khoản" + password: "Mật khẩu" + login_success: "Đăng nhập thành công" + home: "Trang chủ" + login_to_account: "Đăng nhập" + email: "Địa chỉ email" + password: "Mật khẩu" + remember_me: "Nhớ mật khẩu" + forgot_password: "Quên mật khẩu?" + create: + invalid_email_password: "Đăng nhập thất bại" diff --git a/config/routes.rb b/config/routes.rb index 176ab4e..11f806b 100644 --- a/config/routes.rb +++ b/config/routes.rb 
@@ -2,5 +2,9 @@
 scope "(:locale)", locale: /en|vi/ do
 root "static_pages#home"
 get "static_pages/home"
+
+ get "/login", to: "sessions#new"
+ post "/login", to: "sessions#create"
+ delete "/logout", to: "sessions#destroy"
 end
 end
diff --git a/db/seeds.rb b/db/seeds.rb
index f3a0480..fe5a435 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -1,7 +1,18 @@
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
-#
-# Examples:
-#
-# movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }])
-# Character.create(name: 'Luke', movie: movies.first)
+User.create!(name: "Example User",
+ email: "user@gmail.com",
+ password: "user123",
+ password_confirmation: "user123",
+ is_role: 1,
+ activated: true
+)
+10.times do |n|
+ name = Faker::Name.name
+ email = "example#{n+1}@project.org"
+ password = "password"
+ User.create!(name: name,
+ email: email,
+ password: password,
+ password_confirmation: password,
+ activated: true
+ )
+end
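Review bot: db/seeds.rb creates an account with a fixed email, the password `user123` and `is_role: 1`, plus ten accounts that all share the password `password`, and nothing restricts the file to a development database, so running `db:seed` against a deployed environment leaves known credentials in it. `is_role: 1` looks like an elevated role, which the hunk does not confirm; if it is, that first account is the one that matters most. Guard the whole block with `if Rails.env.development?` and take the first account's password from configuration, for example `password: ENV.fetch("SEED_USER_PASSWORD")` (variable name is a placeholder). `create!` also makes the file non-repeatable: a second `db:seed` run either duplicates the rows or fails, depending on constraints not shown here, which `find_or_create_by!(email: ...)` would avoid.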