parsley/app/controllers/users_controller.rb

class UsersController < ApplicationController

  UserProxy = Struct.new(:user_id)

  before_action :ensure_valid_user, except: [:show, :login, :verify_login, :new, :create]
  skip_before_action :verify_authenticity_token, only: [:verify_login]

  def show
    if current_user
      render json: { id: current_user.id, name: current_user.display_name }
    else
      render json: nil
    end
  end

  def login

  end

  def logout
    set_current_user(nil)
    session.destroy
    flash[:notice] = "Logged out"
    redirect_to root_path
  end

  def verify_login

    respond_to do |format|
      if user = User.authenticate(params[:username], params[:password])
        set_current_user(user)
        format.html { redirect_to root_path, notice: "Welcome, #{user.display_name}" }
        format.json { render json: { success: true, user: { id: user.id, name: user.display_name } } }
      else
        format.html { flash[:error] = "Invalid credentials"; render :login }
        format.json { render json: { success: false, message: 'Invalid Credentials', user: nil } }
      end
    end
  end

  def new
    @user = User.new
  end

  def create
    @user = User.new(user_params)

    if @user.save
      set_current_user(@user)
      redirect_to root_path, notice: 'User was successfully created.'
    else
      render action: :new
    end
  end

  def edit
    @user = current_user
  end

  def update
    @user = current_user
    if @user.update(user_params)
      redirect_to root_path, notice: 'User account updated'
    else
      render action: 'edit'
    end
  end

  private

  def user_params
    params.require(:user).permit(:username, :email, :full_name, :password, :password_confirmation)
  end
end
Added authentication; cleaned up some UI 2016-01-19 16:50:39 -06:00			`class UsersController < ApplicationController`

basic login 2018-03-30 17:08:09 -05:00			`UserProxy = Struct.new(:user_id)`

			`before_action :ensure_valid_user, except: [:show, :login, :verify_login, :new, :create]`
			`skip_before_action :verify_authenticity_token, only: [:verify_login]`

			`def show`
			`if current_user`
			`render json: { id: current_user.id, name: current_user.display_name }`
			`else`
			`render json: nil`
			`end`
			`end`
Added authentication; cleaned up some UI 2016-01-19 16:50:39 -06:00
			`def login`

			`end`

			`def logout`
			`set_current_user(nil)`
			`session.destroy`
			`flash[:notice] = "Logged out"`
			`redirect_to root_path`
			`end`

			`def verify_login`
basic login 2018-03-30 17:08:09 -05:00
			`respond_to do \|format\|`
			`if user = User.authenticate(params[:username], params[:password])`
			`set_current_user(user)`
			`format.html { redirect_to root_path, notice: "Welcome, #{user.display_name}" }`
			`format.json { render json: { success: true, user: { id: user.id, name: user.display_name } } }`
			`else`
			`format.html { flash[:error] = "Invalid credentials"; render :login }`
			`format.json { render json: { success: false, message: 'Invalid Credentials', user: nil } }`
			`end`
Added authentication; cleaned up some UI 2016-01-19 16:50:39 -06:00			`end`
			`end`

			`def new`
			`@user = User.new`
			`end`

			`def create`
			`@user = User.new(user_params)`

			`if @user.save`
			`set_current_user(@user)`
			`redirect_to root_path, notice: 'User was successfully created.'`
			`else`
			`render action: :new`
			`end`
			`end`

			`def edit`
			`@user = current_user`
			`end`

			`def update`
			`@user = current_user`
			`if @user.update(user_params)`
			`redirect_to root_path, notice: 'User account updated'`
			`else`
			`render action: 'edit'`
			`end`
			`end`

			`private`

			`def user_params`
			`params.require(:user).permit(:username, :email, :full_name, :password, :password_confirmation)`
			`end`
			`end`