From: Steve Coast <steve@asklater.com>
Date: Sat, 26 Aug 2006 17:53:43 +0000 (+0000)
Subject: more rails front end bits
X-Git-Tag: live~8629
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/97978ceeb9047ec6894b822ca947a466c2462988?hp=a42dc9f4826da27b21fa1f66ea6318110afaa0b2

more rails front end bits
---

diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 82ef80920..366646ae3 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -2,10 +2,10 @@
 # Likewise, all the methods added will be available for all controllers.
 class ApplicationController < ActionController::Base
 
+  def authorize_web
+    @user = User.find_by_token(session[:token])
+  end
 
-
-  # HTTP AUTH stuff for the API
-  
   def authorize(realm='Web Password', errormessage="Could't authenticate you") 
     username, passwd = get_auth_data 
     # check if authorized 
diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index d01b86bba..380c41436 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -1,4 +1,6 @@
 class SiteController < ApplicationController
+  before_filter :authorize_web
+
   def index
 
   end
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 3012765d2..d61455bf1 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -14,7 +14,38 @@ class UserController < ApplicationController
   end
 
   def new
+    render :layout => 'site'
+  end
+
+  def login
+    if params[:user]
+      email = params[:user][:email]
+      pass = params[:user][:password]
+      u = User.authenticate(email, pass)
+      if u
+        u.token = User.make_token
+        u.timeout = 1.day.from_now
+        u.save
+        session[:token] = u.token
+        redirect_to :controller => 'site', :action => 'index'
+        return
+      end
+    end
+
+    render :layout => 'site'
+  end
 
+  def logout
+    if session[:token]
+      u = User.find_by_token(session[:token])
+      if u
+        u.token = User.make_token
+        u.timeout = Time.now
+        u.save
+      end
+    end
+    session[:token] = nil
+    redirect_to :controller => 'site', :action => 'index'
   end
 
   def confirm
@@ -23,6 +54,9 @@ class UserController < ApplicationController
       @user.active = true
       @user.save
       flash[:notice] = 'Confirmed your account'
+
+      #FIXME: login the person magically
+
       redirect_to :action => 'login'
     else
       flash[:notice] = 'Something went wrong confirming that user'
diff --git a/app/models/user.rb b/app/models/user.rb
index 589546e2d..350ea2c3a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,7 +13,7 @@ class User < ActiveRecord::Base
   def set_defaults
     self.creation_time = Time.now
     self.timeout = Time.now
-    self.token = make_token()
+    self.token = User.make_token()
   end
   
   def pass_crypt=(str) 
@@ -27,9 +27,12 @@ class User < ActiveRecord::Base
   def self.authenticate(email, passwd) 
     find_first([ "email = ? AND pass_crypt =?", email, Digest::MD5.hexdigest(passwd) ])
   end 
+
+  def self.authenticate_token(token) 
+    find_first([ "token = ? ", token])
+  end 
   
-  private
-  def make_token
+  def self.make_token
     chars = 'abcdefghijklmnopqrtuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
     confirmstring = ''
 
diff --git a/app/views/layouts/site.rhtml b/app/views/layouts/site.rhtml
index 0ff110ced..aaf4e0324 100644
--- a/app/views/layouts/site.rhtml
+++ b/app/views/layouts/site.rhtml
@@ -20,15 +20,27 @@
   </div>
 
   <span id="greeting">
-    <%= link_to 'Login', {:controller => 'user', :action => 'login'}, {:id => 'loginanchor'}%> /
-    <%= link_to 'Sign up', {:controller => 'user', :action => 'new'}, {:id => 'registeranchor'} %>
+    <% if @user %>
+      Welcome, <%= @user.email %> / 
+      <%= link_to 'Logout', {:controller => 'user', :action => 'logout'}, {:id => 'loginanchor'}%>
+    <% else %>
+      <%= link_to 'Login', {:controller => 'user', :action => 'login'}, {:id => 'loginanchor'}%> /
+      <%= link_to 'Sign up', {:controller => 'user', :action => 'new'}, {:id => 'registeranchor'} %>
+    <% end %>
   </span>
   
   <div>
     <ul id="tabnav">
-      <li><a  id="viewanchor" href="/index.html" title="view maps">View</a></li>
-      <li><a  style="font-style:italic" href="/login.html" title="edit maps">Edit</a></li>
-      <li><a  href="/traces" title="manage traces">GPS traces</a></li>
+      <!-- FIXME, these links need help -->
+      <% if @user %>
+        <li><%= link_to 'View', {:controller => 'site', :action => 'index'}, {:id => 'viewanchor', :title => 'view maps' } %></li>
+        <li><%= link_to 'Edit', {:controller => 'site', :action => 'edit'}, {:id => 'editanchor', :title => 'edit maps' } %></li>
+        <li><%= link_to 'GPS traces', {:controller => 'trace', :action => 'index'}, {:id => 'traceanchor', :title => 'manage traces' } %></li>
+      <% else %>
+        <li><a id="viewanchor" href="/index.html" title="view maps">View</a></li>
+        <li><a style="font-style:italic" href="/login.html" title="edit maps">Edit</a></li>
+        <li><a href="/traces" title="manage traces">GPS traces</a></li>
+      <% end %>
     </ul>
   </div>
 
@@ -70,13 +82,14 @@
 
         </div>
 
-
         <div id="cclogo">
           <center>
+
             <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
               <input type="hidden" name="cmd" value="_s-xclick">
               <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but21.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
-              <input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHFgYJKoZIhvcNAQcEoIIHBzCCBwMCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBJr8BolWgGYvrtd1+IKusKyffII5UlFikz+JVREVGdN8UIRnZcopnl2qIjAEMukhq0/mh/8A5kuG85ndYP5gC6UN1xLdoIl55HEJtNEdos5en/9eetTxlf7KHa1+uiKeVM6McH17fNgZRmj+tgZh81AHalJMYBjAx2Sy29z1fLMzELMAkGBSsOAwIaBQAwgZMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIAXcoowpH8G+AcPyGKCBIytNcnb6LCXcVaz4I7iBzpvIupnS77yMcasyhcsrsr6ffiyouDwrpPylfmVDm9bEiNmhT3Ccug5z0778vXDxV5PtGR0N+dv1sp3+IgzSQXEIm+6ay3+vGc/uvtdgqb6CZLRZwULyNjddhMbWgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjAyMDgxMTQxMjhaMCMGCSqGSIb3DQEJBDEWBBShwtAQjoDmloA+pQJMoRTY/hFOLjANBgkqhkiG9w0BAQEFAASBgK2XalT/ShlrD0owoDt3at4NTz8hrNnrEnLUmGJWlOdhqviP6mH1FiHqYjNNck8Br0fW2J05tIE1IdGShjxDqWLgJTXBhGDwG7bW9r8lMcCsi6Z4pI3jkFa9JXw8ZyNZ4qZO3x5vRRPWaD/jQTjsz9/I2jwahkUZ/hsJqxJyhrpI-----END PKCS7-----">
+              <img alt="" border="0" src="https://www.paypal.com/en_GB/i/scr/pixel.gif" width="1" height="1">
+              <input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHTwYJKoZIhvcNAQcEoIIHQDCCBzwCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCsNDDDDa7OZFojBzDvG4HSPXOiJSO3VNuLoc8HGwsds3LsZYYtv4cPGw7Z/SoVVda+RELM+5FQn0D3Kv7hjA2Z6QdwEkFH2kDDlXCvyPt53ENHkQrzC1KOueRpimsQMH5hl03nvuVXij0hEYlMFqTH0UZr80vyczB+lJU6ZKYtrDELMAkGBSsOAwIaBQAwgcwGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIZa12CIRB0geAgahqF6Otz0oY0+Wg56fSuEpZvbUmNGEQznjWqBXkJqTkZT0jOwekOrlEi7bNEU8yVIie2u5L1gOhBDSl6rmgpxxVURSa4Jig5qiSioyK5baH6HjXVPQ+MDEWg1gZ4LtjYYtroZ8SBE/1eikQWmG7EOEgU62Vn/jqJJ77/mgS7mdEQhlEWYMiyJBZs35yCB/pK5FUxhZnrquL4sS+2QKHPPOGPDfRc/dnhMKgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNjA4MjYwODQ2NDdaMCMGCSqGSIb3DQEJBDEWBBTyC1ZchvuTMtcYeudPPSP/w8HiEDANBgkqhkiG9w0BAQEFAASBgJPpBf69pRAJfhzv/MfPiMncuq3TSlvpX7VtG9p4dXzSko4i2lWUDD72r5zdF2NwDgZ6avf630PutgpOzYJQ525If1xU2olc9DWI43UZTqY+FArgFuCJ8VnkPsy9mcbXPoSjLRqNwrsA2yoETxMISO3ASELzELJTJgpPk4bU57eZ-----END PKCS7-----">
             </form>
 
             <a href="http://creativecommons.org/licenses/by-sa/2.0/"><img src="/images/cc_button.png" border="0"></a>
@@ -85,5 +98,5 @@
         </div>
 
       </div>
-  </body>
-</html>
+    </body>
+  </html>
diff --git a/app/views/site/index.rhtml b/app/views/site/index.rhtml
index e08565a21..25cebdc23 100644
--- a/app/views/site/index.rhtml
+++ b/app/views/site/index.rhtml
@@ -14,6 +14,27 @@
 
 <div id="debuginfo"></div>
 
+<% unless @user %>
+<div id="gads">
+  <script type="text/javascript"><!--
+    google_ad_client = "pub-7727744269903103";
+    google_ad_width = 728;
+    google_ad_height = 90;
+    google_ad_format = "728x90_as";
+    google_ad_type = "text";
+    google_ad_channel ="";
+    google_color_border = "CCCCCC";
+    google_color_bg = "FFFFFF";
+    google_color_link = "000000";
+    google_color_url = "000080";
+    google_color_text = "000000";
+    //--></script><script type="text/javascript"
+    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+  </script>We're trialing adverts to support the project. Login and they go away.
+</div>
+<% end %>
+
+
 <script type="text/javascript">
   lat = 0;
   lon = 0;
diff --git a/app/views/user/index.rhtml b/app/views/user/index.rhtml
new file mode 100644
index 000000000..e69de29bb
diff --git a/app/views/user/login.rhtml b/app/views/user/login.rhtml
index ff71fb8cb..88d207a14 100644
--- a/app/views/user/login.rhtml
+++ b/app/views/user/login.rhtml
@@ -1,10 +1,9 @@
 <h1>Login:</h1><br>
 Please login or <%= link_to 'create an account', :controller => 'user', :action => 'new' %>.<br>
 
-
 <%= start_form_tag :action => 'login' %>
 <table>
-  <tr><td>Login name</td><td><%= text_field('user', 'display_name',{:size => 50, :maxlength => 255}) %></td></tr>
+  <tr><td>Login name</td><td><%= text_field('user', 'email',{:size => 50, :maxlength => 255}) %></td></tr>
   <tr><td>password:</td><td><%= password_field('user', 'password',{:size => 50, :maxlength => 255}) %></td></tr>
 </table>
 
diff --git a/config/routes.rb b/config/routes.rb
index ac57c7ef2..8f251f7d3 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -10,6 +10,11 @@ ActionController::Routing::Routes.draw do |map|
   map.connect 'api/0.4/segment/:id', :controller => 'segment', :action => 'rest'
 
   map.connect '/', :controller => 'site', :action => 'index'
+  map.connect '/index.html', :controller => 'site', :action => 'index'
+  map.connect '/edit.html', :controller => 'site', :action => 'edit'
+  map.connect '/login.html', :controller => 'user', :action => 'login'
+  map.connect '/logout.html', :controller => 'user', :action => 'logout'
+  map.connect '/create-account.html', :controller => 'user', :action => 'new'
 
   map.connect ':controller/:action/:id'
 end