authorfrancis <francis>2007-10-03 17:13:50 +0000
committerfrancis <francis>2007-10-03 17:13:50 +0000
commit5abd4a8fd64c5074323ecd25752b4cf27d566fa2 (patch)
tree5b47e3f593f5145cefe1581c717efe00e1a93f30
parent7c52ca4f1e0c1b81edd6e8e996de22c76797a2c1 (diff)
Login stuff with POST redirect not working yet
-rw-r--r--app/controllers/application.rb59
-rw-r--r--app/controllers/file_request_controller.rb6
-rw-r--r--app/models/user.rb16
-rw-r--r--app/views/user_accounts/signin.rhtml30
-rw-r--r--public/stylesheets/main.css42
5 files changed, 133 insertions, 20 deletions
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 43dec5e5e..c06e69915 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,7 +6,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: application.rb,v 1.7 2007-09-17 06:24:40 francis Exp $
+# $Id: application.rb,v 1.8 2007-10-03 17:13:50 francis Exp $
class ApplicationController < ActionController::Base
@@ -18,16 +18,48 @@ class ApplicationController < ActionController::Base
# Login form
def signin
- if request.post?
- user = User.authenticate(params[:email], params[:password])
- if user
- session[:user] = user.id
- redirect_to :action => session[:intended_action], :controller => session[:intended_controller]
+ if not params[:user]
+ # First time page is shown
+ render :template => 'user_accounts/signin'
+ elsif params[:returning] == "0"
+ # "I am new to FOIFA"
+ session[:email] = params[:user][:email]
+ redirect_to :action => 'signup'
+ elsif params[:returning] == "1"
+ # "I am returning to FOIFA and my password is"
+ @user = User.authenticate(params[:user][:email], params[:user][:password])
+ if @user
+ # Successful login
+ session[:user] = @user.id
+ redirect_to :action => session[:intended_action], :controller => session[:intended_controller], :post_redirect => 1
else
- flash[:error] = "Email or password not correct"
+ # Failed to authenticate
+ flash[:error] = "Email or password not correct, please try again"
end
+ @user = User.new(params[:user])
+ render :template => 'user_accounts/signin'
+ else
+ # Form submitted, but didn't specify whether had already used FOIFA or not
+ flash[:error] = "Please say whether you already have a FOIFA account or not"
+ @user = User.new(params[:user])
+ render :template => 'user_accounts/signin'
+ end
+ end
+
+ # Create new account form
+ def signup
+ # Default to value saved from signin form
+ params[:user] ||= { :email => session[:email] }
+
+ # Make the user and try to save it
+ @user = User.new(params[:user])
+ if not @user.save
+ render :template => 'user_accounts/signup'
+ else
+ # New user made, redirect back to where we were
+ session[:user] = @user.id
+ redirect_to :action => session[:intended_action], :controller => session[:intended_controller], :post_redirect => 1
end
- render :template => 'user_accounts/signin'
end
# Logout form
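Review bot: In `signin`, the successful-login branch calls `redirect_to` and then falls through to `@user = User.new(params[:user])` and `render :template => 'user_accounts/signin'`, so the action both redirects and renders; add `return` straight after the `redirect_to`, or move those two trailing lines into the `else`. Separately, `session[:user] = @user.id` is set here and in `signup` without rotating the session, so a session identifier issued before login stays valid after it. Calling `reset_session` before the assignment, after copying `session[:intended_action]` and `session[:intended_controller]` into locals, would close that. `User.new(params[:user])` takes the whole submitted hash in both actions, so it is worth confirming that the model restricts which attributes can be mass-assigned; nothing in this diff shows that it does.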
@@ -43,12 +75,23 @@ class ApplicationController < ActionController::Base
unless session[:user]
session[:intended_action] = action_name
session[:intended_controller] = controller_name
+ session[:intended_params] = params
redirect_to :action => "signin"
return false
end
return true
end
+ # For redirects to POST requests
+ before_filter :post_redirect
+ def post_redirect
+ #raise session[:intended_params].to_yaml
+ if params[:post_redirect]
+# XXX this is the bit where I want to set params for the controller from the session
+# CGI::QueryExtension.params = session[:intended_params]
+ end
+ end
+
# For administration interface, return display name of authenticated user
def admin_http_auth_user
if not request.env["REMOTE_USER"]
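Review bot: `post_redirect` is keyed only on `params[:post_redirect]`, which any request can supply, so once the commented-out replay is implemented a plain GET carrying that parameter would re-submit whatever sits in `session[:intended_params]`. Gate the replay on a one-time token created in `check_authentication` and stored in the session beside the params, and delete `session[:intended_params]` as soon as it has been consumed. `session[:intended_params] = params` also stores the entire request hash, so limiting it to the fields the intended action needs keeps unrelated user input out of the session store. If `post_redirect` is not under a `private` section it is also routable as an action; `check_authentication` starts above this hunk, so that cannot be confirmed from here.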
diff --git a/app/controllers/file_request_controller.rb b/app/controllers/file_request_controller.rb
index 2b62cb796..bfb2c27be 100644
--- a/app/controllers/file_request_controller.rb
+++ b/app/controllers/file_request_controller.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: file_request_controller.rb,v 1.10 2007-09-17 10:13:45 francis Exp $
+# $Id: file_request_controller.rb,v 1.11 2007-10-03 17:13:50 francis Exp $
class FileRequestController < ApplicationController
def index
@@ -22,8 +22,10 @@ class FileRequestController < ApplicationController
@outgoing_message.info_request = @info_request
# This automatically saves dependent objects, such as @info_request, in the same transaction
- if not @info_request.save
+ if not @info_request.valid?
render :action => 'index'
+ elsif check_authentication
+ @info_request.save
end
# Save both models
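Review bot: The result of `@info_request.save` is discarded, so a save that fails after `valid?` has passed (a database error, or a validation whose outcome changed in between) goes unnoticed; `@info_request.save!` or an explicit re-render on a false return would surface it. When `check_authentication` returns false it has already issued `redirect_to :action => "signin"`, and nothing in this branch stops the action from continuing, so whatever follows must not render or redirect again. The action starts and ends outside the hunk, so both points need checking against the full method.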
diff --git a/app/models/user.rb b/app/models/user.rb
index 781482dcf..98a27b83b 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: user.rb,v 1.7 2007-09-17 10:13:24 francis Exp $
+# $Id: user.rb,v 1.8 2007-10-03 17:13:50 francis Exp $
require 'digest/sha1'
@@ -49,6 +49,20 @@ class User < ActiveRecord::Base
private
+ # XXX - wanted to override initialize to return existing model if
+ # authentication succeeds, but couldn't get it to work. This would move
+ # some code from controllers/application.rb
+ #def initialize(params = {})
+ # raise params.to_yaml
+ # if not params[:email].empty? and not params[:password].empty?
+ # user = self.authenticate(params[:email], params[:password])
+ # if user
+ # return user
+ # end
+ # end
+ # super
+ #end
+
def self.encrypted_password(password, salt)
string_to_hash = password + salt # XXX need to add a secret here too?
Digest::SHA1.hexdigest(string_to_hash)
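Review bot: The commented-out `initialize` would be better replaced by a short note such as `# TODO: move the authenticate-or-build logic out of ApplicationController#signin`. As written it carries a debugging `raise params.to_yaml`, which would put the submitted plaintext password into exception output if the block were ever re-enabled. The sketch also cannot work as intended, because `new` ignores the return value of `initialize`; a class method is the natural home for it. The context line below already asks whether `encrypted_password` needs more than a salt: a single SHA-1 round is cheap to guess against, and a dedicated password-hashing function such as bcrypt is the usual replacement, though that lies outside the lines this commit adds. The `User` class and `encrypted_password` both extend beyond this hunk.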
diff --git a/app/views/user_accounts/signin.rhtml b/app/views/user_accounts/signin.rhtml
index 013fe8077..b93088559 100644
--- a/app/views/user_accounts/signin.rhtml
+++ b/app/views/user_accounts/signin.rhtml
@@ -1,13 +1,31 @@
+<%= foi_error_messages_for :user %>
-<%= start_form_tag :action => "signin" %>
+<% form_tag({:action => "signin"}, {:id => "accountForm"}) do %>
<p>
- <label for="email">Enter your e-mail address:</label>
- <%= text_field_tag "email" %>
+ <label for="user_email" id="signin_email"><strong>Enter your e-mail address:</strong></label>
+ <%= text_field 'user', 'email', { :size => 20 } %>
</p>
+
+ <p>
+ <%= radio_button_tag 'returning', 0, params[:returning] == "0" %>
+ <label for="returning_0" class="radio_label"><strong>I am new to FOIFA</strong></label>
+ </p>
+
<p>
- <label for="password">Password:</label>
- <%= password_field_tag "password" %>
+ <%= radio_button_tag 'returning', 1, params[:returning] == "1" %>
+ <label for="returning_1" class="radio_label"><strong>I am returning to FOIFA and
+ my password is:</strong></label>
</p>
+
+ <p>
+ <label for="user_password">&nbsp;</label>
+ <%= password_field 'user', 'password', { :size => 15 } %>
+ </p>
+
+ <p>
+ <label for="submit">&nbsp;</label>
<%= submit_tag "Sign in" %>
-<%= end_form_tag %>
+ </p>
+
+<% end %>
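Review bot: `password_field 'user', 'password'` is bound to `@user`, and the controller rebuilds `@user` from `params[:user]` after a failed login, so with the Rails form helpers of this period the submitted password is likely written back into the page as the field's `value`. That assumes `User` exposes a `password` reader, which this diff does not show. Passing an explicit empty value, `<%= password_field 'user', 'password', { :size => 15, :value => '' } %>`, keeps the password out of rendered HTML and any cached copy of the page. `<label for="submit">` also points at an id that `submit_tag "Sign in"` is not given here.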
diff --git a/public/stylesheets/main.css b/public/stylesheets/main.css
index 39b04d6cf..3b5f145c2 100644
--- a/public/stylesheets/main.css
+++ b/public/stylesheets/main.css
@@ -26,7 +26,6 @@ a:hover, a:active {
form {
margin: 0;
-
padding: 1em;
background-color: #97E300;
-moz-border-radius: 1em;
@@ -42,17 +41,18 @@ label {
text-align: right;
padding-right: 0.5em;
width: 10em;
+ margin-bottom: 0.5em;
}
/* Flashes */
-#errorExplanation, #notice {
+#errorExplanation, #error, #notice {
text-align: center;
font-size: larger;
padding: 4px;
margin: 1em;
}
-#errorExplanation {
+#errorExplanation, #error {
color: #cc0000;
background-color: #ffcccc;
border: solid 1px #cc0000;
@@ -67,6 +67,7 @@ label {
.fieldWithErrors input, .fieldWithErrors input[type=text],
.fieldWithErrors select, .fieldWithErrors input[type=radio],
+.fieldWithErrors input[type=password],
.fieldWithErrors textarea
{
border: solid 1px #cc0000;
@@ -164,4 +165,39 @@ label {
float: right;
}
+/* User accounts */
+
+#accountForm {
+ width: 75%;
+}
+
+#accountForm label {
+ width: 15em;
+/* font-weight: bold; */
+}
+
+#accountForm input[type=radio] {
+ float: left;
+ text-align: right;
+ padding-right: 0.5em;
+ margin-left: 14em;
+}
+
+#accountForm .radio_label {
+ text-align: left;
+ margin-left: 0.5em;
+ float: none;
+}
+
+#accountForm .form_note {
+ display: block;
+ margin-left: 16em;
+ clear: both;
+}
+
+#accountForm h2 {
+ text-align: center;
+}
+
+