diff --git a/app/controllers/artist_controller.rb b/app/controllers/artist_controller.rb
index 50360b7..bddd09c 100644
--- a/app/controllers/artist_controller.rb
+++ b/app/controllers/artist_controller.rb
@@ -2,7 +2,10 @@ class ArtistController < ApplicationController
 require 'open-uri'
 def view
- if params[:name].nil?
+ unless MainController.logged_in request.session['session_id']
+ redirect_to '/login'
+ end
+ if params[:name].nil?
 name = ''
 else
 if request.request_method == 'POST'
diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb
index a9708bd..5a69b89 100644
--- a/app/controllers/main_controller.rb
+++ b/app/controllers/main_controller.rb
@@ -1,5 +1,17 @@
 class MainController < ApplicationController
 def index
+ unless MainController.logged_in request.session['session_id']
+ redirect_to '/login'
+ end
 end
-
-end
+ def self.logged_in session_id
+ user_data = User.collection.find({session_key: Digest::SHA256.hexdigest(session_id)}).first
+ unless user_data.nil?
+ user_data['lastvisit'] = Time.now()
+ User.collection.update({_id: user_data._id}, user_data.attributes)
+ return true
+ else
+ return false
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 6e1dfbe..6d7b5bb 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
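Review bot: The login check added at the top of `view` calls `redirect_to '/login'` without returning, so an unauthenticated request still runs the `if params[:name].nil?` branch and everything after it. Any work the action does (the file requires `open-uri`) therefore happens without a login, and a later render or redirect in the same action would raise a double-render error. End the action at the check, e.g. `return redirect_to('/login') unless MainController.logged_in(request.session['session_id'])`, or declare the check once as a filter in `ApplicationController` so new actions cannot omit it. The same non-returning pattern is added to `MainController#index`, where it is harmless only because nothing follows it. The body of `view` continues outside the hunk.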
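Review bot: `self.logged_in` passes `session_id` straight to `Digest::SHA256.hexdigest`, which raises a TypeError on nil, so a request whose session has not been assigned an id would presumably get a 500 instead of the login redirect; guard it with `return false if session_id.nil?`. On a match the method writes the whole document back with `User.collection.update({_id: user_data._id}, user_data.attributes)` on every authenticated request, which can overwrite a concurrent change to the same user, such as the `session_key` written by `login`. Updating only the timestamp avoids that: `User.collection.update({_id: user_data._id}, {'$set' => {lastvisit: Time.now}})`. Nothing in this hunk expires or clears `session_key`, so as far as the diff shows a stored key stays valid until the next login replaces it.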
@@ -1,11 +1,26 @@
 class UserController < ApplicationController
+ def login
+ unless params[:email].nil? or params[:password].nil?
+ user_data = User.collection.find({email: params[:email], password: Digest::SHA256.hexdigest(params[:password])}).first
+ unless user_data.nil?
+ user_data['session_key'] = Digest::SHA256.hexdigest(request.session['session_id'])
+ User.collection.update({_id: user_data._id}, user_data.attributes)
+ redirect_to '/'
+ else
+ redirect_to '/login'
+ end
+ else
+ redirect_to '/login'
+ end
+ end
+
 def register
 data = Invite.where(:email => params[:email], :code => params[:code]).first
 unless data.nil?
 @code = data.code
 @email = data.email
 else
- redirect_to '/'
+ redirect_to '/login'
 end
 end
@@ -30,7 +45,7 @@ class UserController < ApplicationController
 Invite.collection.remove({email: params[:invite_email], code: params[:invite_code]})
 else
- redirect_to '/'
+ redirect_to '/login'
 end
 end
 end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 262a1da..8c1b892 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -9,6 +9,8 @@ <%= csrf_meta_tag %>
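Review bot: The new `login` action matches the user with `password: Digest::SHA256.hexdigest(params[:password])`, an unsalted single-round hash, so the stored values are cheap to attack offline if the collection is ever exposed; store and verify passwords with a salted, deliberately slow scheme such as bcrypt. `params[:email]` goes into the query document unchanged, and because Rails parses bracketed parameters into hashes it can arrive as a hash of query operators rather than a string; coerce it with `email: params[:email].to_s`. The action also binds the session id that existed before authentication to the account, which leaves the flow open to session fixation. Call `reset_session` before computing `session_key`, and confirm the new id is available at that point.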
+