SlideShare a Scribd company logo
1 of 29
Download to read offline
Web com Ruby on
João Lucas Pereira de Santana
gtalk | linkedin | twitter: jlucasps
Solução flexível para autenticação de usuários
Segue o padrão MVC
Totalmente integrada com o Rails
Permite várias roles autenticadas ao mesmo
tempo (user, admin, member)
Baseada em conceitos de módulos
● Database Authenticatable
○ Criptografar a senha e armazenar em
banco de dados
○ Auntenticação pode ser feita via POST ou
HTTP Basic Authentication
● Token Authenticatable
○ Autenticar o usuário baseado em um token
de acesso
○ Token pode ser enviado via query string ou
HTTP Basic Authentication
● Omniauthable
○ Framework de autenticação compatível
com diversos providers (facebook, twitter,
openId, google, github), além dos
tradicionais username e password
● Confirmable
○ Enviar email com as instruções de
confirmação de cadastro
● Recoverable
○ Alterar password do usuário e enviar
instruções de alteração
● Registerable
○ Permite cadastar usuários para utilizarem
uma aplicação
○ Editar as informações de cadastro do
○ Excluir o cadastro
● Rememberable
○ Mecanimo para salvar cookies e permitir
manter usuário autenticado na aplicação
● Trackable
○ Registrar quantidade de acessos, hora do
acesso e IP de origem
● Timeoutable
○ Expirar a sessão caso o usuário fique um
período inativo
● Validatable
○ Validação de email e password
○ Mecanismo opcional e customizável
● Lockable
○ Bloquear a conta do usuário caso haja um
certo número de tentativas frustradas de
○ Desbloqueio pode ser feito via email ou
após um período de tempo
# Flexible authentication solution for Rails with Warden
gem 'devise'
Atualizar Gemfile
Atualizar config/environments/development.rb
config.action_mailer.default_url_options = { :host =>
'localhost:3000' }
# Catches mail and serves it through a dream.
gem 'mailcatcher'
Adicionar MailCatcher ao Gemfile
Atualizar config/environments/development.rb
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = { :address => "localhost", :
port => 1025 }
jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ mailcatcher
Starting MailCatcher
==> smtp://
*** MailCatcher runs as a daemon by default. Go to the web interface to
Após adicionar Devise ao Gemfile, execute o
jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails g devise:
create config/initializers/devise.rb
create config/locales/devise.en.yml
Some setup you must do manually if you haven't yet:
<!DOCTYPE html>
<%= stylesheet_link_tag "application", :media => "all" %>
<%= javascript_include_tag "application" %>
<%= csrf_meta_tags %>
<p class="notice"><%= notice %></p>
<p class="alert"><%= alert %></p>
<%= render :partial => 'shared/menu_top' %>
<div class="container-fluid">
<div class="row-fluid">
<%= yield :sidebar %>
<%= yield %>
<%= render :partial => 'shared/footer' %>
Configurar /app/views/layouts/application.html.erb
jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails g devise
invoke active_record
create db/migrate/20130619172147_add_devise_to_users.rb
insert app/models/user.rb
route devise_for :users
Adicionar Devise a algum model
Configurar Migration gerada e executá-la
jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rake db:migrate
== AddDeviseToUsers: migrating
-- change_table(:users)
-> 0.0590s
-- add_index(:users, :reset_password_token, {:unique=>true})
-> 0.0007s
== AddDeviseToUsers: migrated (0.0600s)
class ApplicationController < ActionController::Base
before_filter :authenticate_user!
Configurar ApplicationController
Configurar arquivo /config/initializers/devise.rb
# ==> Scopes configuration
# Turn scoped views on. Before rendering "sessions/new", it will first check for
# "users/sessions/new". It's turned off by default because it's slower if you
# are using only default views.
config.scoped_views = true
Métodos helpers gerados pelo Devise
Caso o model seja Member
before_filter :authenticate_member!
jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails generate devise:views users
invoke Devise::Generators::SharedViewsGenerator
create app/views/users/shared
create app/views/users/shared/_links.erb
invoke form_for
create app/views/users/confirmations
create app/views/users/confirmations/new.html.erb
create app/views/users/passwords
create app/views/users/passwords/edit.html.erb
Customizar as views utilizadas pelo Devise
class WelcomeController < ApplicationController
before_filter :authenticate_user!, :except => [:index, :about, :contact]
def index
def black
render :layout => 'application_black'
def about
def contact
Caso queira liberar acesso para actions do WelcomeController
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<%= link_to "Project name", index_path, :class => "brand" %>
<div class="nav-collapse collapse">
<p class="navbar-text pull-right">
<% if user_signed_in? %>
Logged in as <%= link_to edit_user_registration_path(current_user), :
class => "navbar-link" %>
<% else %>
<%= link_to "login", new_user_session_path, :class => "btn" %>
<% end %>
<ul class="nav">
<li class="active"><%= link_to "Home", index_path %></li>
<li><%= link_to "About", about_path %></li>
<li><%= link_to "Contact", contact_path %></li>
</div><!--/.nav-collapse -->
Exibir link para login e usuário logado: /app/views/shared/_menu_top.html.erb
<h2>Sign up</h2>
<%= form_for(resource, :as => resource_name, :url => registration_path
(resource_name)) do |f| %>
<%= devise_error_messages! %>
<div><%= f.label :name %><br />
<%= f.text_field :name, :autofocus => true %></div>
<div><%= f.label :email %><br />
<%= f.email_field :email %></div>
<div><%= f.label :password %><br />
<%= f.password_field :password %></div>
<div><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></div>
<div><%= f.submit "Sign up" %></div>
<% end %>
<%= render "users/shared/links" %>
Alterar tela de cadastro de usuários: /app/views/users/registrations/new.html.erb
RSpec.configure do |config|
# ## Mock Framework
# If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
# config.mock_with :mocha
# config.mock_with :flexmock
# config.mock_with :rr
config.include Capybara::DSL
config.include Devise::TestHelpers, :type => :controller
config.include Rails.application.routes.url_helpers
# Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
#config.fixture_path = "#{::Rails.root}/spec/fixtures"
Testes automatizados com Devise: /spec/spec_helper.rb
include Warden::Test::Helpers
def create_logged_in_user(user_sym)
user = FactoryGirl.find_or_create(user_sym)
login_as(user, scope: :user)
class ActiveRecord::Base
mattr_accessor :shared_connection
@@shared_connection = nil
def self.connection
@@shared_connection || retrieve_connection
ActiveRecord::Base.shared_connection = ActiveRecord::Base.connection
Devise support /spec/support/devise.rb
# Factory_girl is a fixtures replacement with a straightforward
definition syntax
gem 'factory_girl_rails', "~> 4.0"
Adicionar factory_girl ao Gemfile
Importar factory_girl no spec_helper
# This file is copied to spec/ when you run 'rails generate rspec:install'
ENV["RAILS_ENV"] ||= 'test'
require File.expand_path("../../config/environment", __FILE__)
require 'rspec/rails'
require 'rspec/autorun'
require 'factory_girl'
require 'factory_girl_patch'
require 'capybara/rails'
require 'capybara/rspec'
FactoryGirl.register_strategy(:find_or_create, FactoryGirlPatch)
FactoryGirl.define do
factory :user_bart, :class => User do
name "Bart Simpson"
email ""
password "dirty_boy"
password_confirmation "dirty_boy"
encrypted_password BCrypt::Password.create("dirty_boy", :cost => 10)
factory :user_lisa, :class => User do
name "Lisa Simpson"
email ""
password "smart_girl"
password_confirmation "smart_girl"
encrypted_password BCrypt::Password.create("smart_girl", :cost => 10)
Criar factories
class FactoryGirlPatch
def association(runner)
def result(evaluation)
evaluation.object.tap do |instance|
evaluation.notify(:after_build, instance)
evaluation.notify(:before_create, instance)
saved_object = instance.class.where(instance.attributes.except("id", "created_at", "updated_at")).first
if saved_object.present? =
instance.created_at = saved_object.created_at if instance.respond_to?(:created_at)
instance.updated_at = saved_object.updated_at if instance.respond_to?(:updated_at)
evaluation.notify(:after_create, instance)
Estratégia find_or_create: /lib/factory_girl_patch.rb
require 'spec_helper'
describe UsersController do
let(:user_bart) { FactoryGirl.find_or_create(:user_bart)}
before(:each) do
sign_in user_bart
describe "GET index" do
it "assigns @users" do
saved_users = [FactoryGirl.find_or_create(:user_bart), FactoryGirl.find_or_create(:
get :index
assigns(:users).should eq(saved_users)
Testes no controller /spec/controllers/users_controller_spec.rb
Testes no controller /spec/controllers/users_controller_spec.rb
jlucasps@lotus:/media/first_app$ rspec
Finished in 0.331 seconds
1 example, 0 failures
Randomized with seed 5290
Web com Ruby on
João Lucas Pereira de Santana
gtalk | linkedin | twitter: jlucasps

More Related Content

What's hot

Ss 36932418[1]
Ss 36932418[1]Ss 36932418[1]
Ss 36932418[1]
Ya Jinda
Espacios en-tu-vida
Espacios en-tu-vidaEspacios en-tu-vida
Espacios en-tu-vida
Netvibes UWA workshop at ParisWeb 2007
Netvibes UWA workshop at ParisWeb 2007Netvibes UWA workshop at ParisWeb 2007
Netvibes UWA workshop at ParisWeb 2007
Private slideshow
Private slideshowPrivate slideshow
Private slideshow
AtlasCamp 2013: Modernizing your Plugin UI
AtlasCamp 2013: Modernizing your Plugin UI AtlasCamp 2013: Modernizing your Plugin UI
AtlasCamp 2013: Modernizing your Plugin UI

What's hot (20)

jQuery Mobile: Progressive Enhancement with HTML5
jQuery Mobile: Progressive Enhancement with HTML5jQuery Mobile: Progressive Enhancement with HTML5
jQuery Mobile: Progressive Enhancement with HTML5
The Point of Vue - Intro to Vue.js
The Point of Vue - Intro to Vue.jsThe Point of Vue - Intro to Vue.js
The Point of Vue - Intro to Vue.js
Essential html tweaks for accessible themes
Essential html tweaks for accessible themesEssential html tweaks for accessible themes
Essential html tweaks for accessible themes
What Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 AppsWhat Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 Apps
Introduction to jQuery Mobile
Introduction to jQuery MobileIntroduction to jQuery Mobile
Introduction to jQuery Mobile
Vue.js for beginners
Vue.js for beginnersVue.js for beginners
Vue.js for beginners
Ss 36932418[1]
Ss 36932418[1]Ss 36932418[1]
Ss 36932418[1]
Advanced JQuery Mobile tutorial with Phonegap
Advanced JQuery Mobile tutorial with Phonegap Advanced JQuery Mobile tutorial with Phonegap
Advanced JQuery Mobile tutorial with Phonegap
jQuery Mobile with HTML5
jQuery Mobile with HTML5jQuery Mobile with HTML5
jQuery Mobile with HTML5
You're Doing it Wrong - WordCamp Orlando
You're Doing it Wrong - WordCamp OrlandoYou're Doing it Wrong - WordCamp Orlando
You're Doing it Wrong - WordCamp Orlando
Test upload
Test uploadTest upload
Test upload
Introduction to jQuery Mobile - Web Deliver for All
Introduction to jQuery Mobile - Web Deliver for AllIntroduction to jQuery Mobile - Web Deliver for All
Introduction to jQuery Mobile - Web Deliver for All
Espacios en-tu-vida
Espacios en-tu-vidaEspacios en-tu-vida
Espacios en-tu-vida
Netvibes UWA workshop at ParisWeb 2007
Netvibes UWA workshop at ParisWeb 2007Netvibes UWA workshop at ParisWeb 2007
Netvibes UWA workshop at ParisWeb 2007
Private slideshow
Private slideshowPrivate slideshow
Private slideshow
AtlasCamp 2013: Modernizing your Plugin UI
AtlasCamp 2013: Modernizing your Plugin UI AtlasCamp 2013: Modernizing your Plugin UI
AtlasCamp 2013: Modernizing your Plugin UI
Articulo java web
Articulo java webArticulo java web
Articulo java web
Templates81 special document
Templates81 special documentTemplates81 special document
Templates81 special document
Templates81 special document
Templates81 special documentTemplates81 special document
Templates81 special document

Similar to Desenvolvimento web com Ruby on Rails (parte 6)

Desenvolvimento web com Ruby on Rails (parte 4)
Desenvolvimento web com Ruby on Rails (parte 4)Desenvolvimento web com Ruby on Rails (parte 4)
Desenvolvimento web com Ruby on Rails (parte 4)
Joao Lucas Santana
Annu G
Desenvolvimento web com Ruby on Rails (parte 2)
Desenvolvimento web com Ruby on Rails (parte 2)Desenvolvimento web com Ruby on Rails (parte 2)
Desenvolvimento web com Ruby on Rails (parte 2)
Joao Lucas Santana
OSDC 2009 Rails Turtorial
OSDC 2009 Rails TurtorialOSDC 2009 Rails Turtorial
OSDC 2009 Rails Turtorial
Yi-Ting Cheng
WebcampZG - Rails 4
WebcampZG - Rails 4WebcampZG - Rails 4
WebcampZG - Rails 4
User Login in PHP with Session & MySQL.pdf
User Login in PHP with Session & MySQL.pdfUser Login in PHP with Session & MySQL.pdf
User Login in PHP with Session & MySQL.pdf
Be Problem Solver

Similar to Desenvolvimento web com Ruby on Rails (parte 6) (20)

Boston Computing Review - Ruby on Rails
Boston Computing Review - Ruby on RailsBoston Computing Review - Ruby on Rails
Boston Computing Review - Ruby on Rails
Desenvolvimento web com Ruby on Rails (parte 4)
Desenvolvimento web com Ruby on Rails (parte 4)Desenvolvimento web com Ruby on Rails (parte 4)
Desenvolvimento web com Ruby on Rails (parte 4)
Devise and Rails
Devise and RailsDevise and Rails
Devise and Rails
18.register login
18.register login18.register login
18.register login
Using Geeklog as a Web Application Framework
Using Geeklog as a Web Application FrameworkUsing Geeklog as a Web Application Framework
Using Geeklog as a Web Application Framework
Desenvolvimento web com Ruby on Rails (parte 2)
Desenvolvimento web com Ruby on Rails (parte 2)Desenvolvimento web com Ruby on Rails (parte 2)
Desenvolvimento web com Ruby on Rails (parte 2)
Agile Wordpress
Agile WordpressAgile Wordpress
Agile Wordpress
Php frameworks
Php frameworksPhp frameworks
Php frameworks
OSDC 2009 Rails Turtorial
OSDC 2009 Rails TurtorialOSDC 2009 Rails Turtorial
OSDC 2009 Rails Turtorial
WebcampZG - Rails 4
WebcampZG - Rails 4WebcampZG - Rails 4
WebcampZG - Rails 4
Exploring Symfony's Code
Exploring Symfony's CodeExploring Symfony's Code
Exploring Symfony's Code
PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPress
Um roadmap do Framework Ruby on Rails, do Rails 1 ao Rails 4 - DevDay 2013
Um roadmap do Framework Ruby on Rails, do Rails 1 ao Rails 4 - DevDay 2013Um roadmap do Framework Ruby on Rails, do Rails 1 ao Rails 4 - DevDay 2013
Um roadmap do Framework Ruby on Rails, do Rails 1 ao Rails 4 - DevDay 2013
User Login in PHP with Session & MySQL.pdf
User Login in PHP with Session & MySQL.pdfUser Login in PHP with Session & MySQL.pdf
User Login in PHP with Session & MySQL.pdf
FamilySearch Reference Client
FamilySearch Reference ClientFamilySearch Reference Client
FamilySearch Reference Client
Flask – Python
Flask – PythonFlask – Python
Flask – Python

Recently uploaded

Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...

Recently uploaded (20)

PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4j

Desenvolvimento web com Ruby on Rails (parte 6)

  • 1. Desenvolvimento Web com Ruby on Rails João Lucas Pereira de Santana gtalk | linkedin | twitter: jlucasps
  • 2. Devise @jlucasps Solução flexível para autenticação de usuários Segue o padrão MVC Totalmente integrada com o Rails Permite várias roles autenticadas ao mesmo tempo (user, admin, member) Baseada em conceitos de módulos
  • 3. ● Database Authenticatable ○ Criptografar a senha e armazenar em banco de dados ○ Auntenticação pode ser feita via POST ou HTTP Basic Authentication Devise @jlucasps
  • 4. ● Token Authenticatable ○ Autenticar o usuário baseado em um token de acesso ○ Token pode ser enviado via query string ou HTTP Basic Authentication Devise @jlucasps
  • 5. Devise @jlucasps ● Omniauthable ○ Framework de autenticação compatível com diversos providers (facebook, twitter, openId, google, github), além dos tradicionais username e password
  • 6. Devise @jlucasps ● Confirmable ○ Enviar email com as instruções de confirmação de cadastro ● Recoverable ○ Alterar password do usuário e enviar instruções de alteração
  • 7. Devise @jlucasps ● Registerable ○ Permite cadastar usuários para utilizarem uma aplicação ○ Editar as informações de cadastro do usuário ○ Excluir o cadastro
  • 8. Devise @jlucasps ● Rememberable ○ Mecanimo para salvar cookies e permitir manter usuário autenticado na aplicação ● Trackable ○ Registrar quantidade de acessos, hora do acesso e IP de origem
  • 9. Devise @jlucasps ● Timeoutable ○ Expirar a sessão caso o usuário fique um período inativo ● Validatable ○ Validação de email e password ○ Mecanismo opcional e customizável
  • 10. Devise @jlucasps ● Lockable ○ Bloquear a conta do usuário caso haja um certo número de tentativas frustradas de acesso ○ Desbloqueio pode ser feito via email ou após um período de tempo
  • 11. Devise @jlucasps # # Flexible authentication solution for Rails with Warden gem 'devise' Atualizar Gemfile Atualizar config/environments/development.rb config.action_mailer.default_url_options = { :host => 'localhost:3000' }
  • 12. MailCatcher @jlucasps # # Catches mail and serves it through a dream. gem 'mailcatcher' Adicionar MailCatcher ao Gemfile Atualizar config/environments/development.rb config.action_mailer.delivery_method = :smtp config.action_mailer.smtp_settings = { :address => "localhost", : port => 1025 } jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ mailcatcher Starting MailCatcher ==> smtp:// ==> *** MailCatcher runs as a daemon by default. Go to the web interface to quit.
  • 13. Devise @jlucasps Após adicionar Devise ao Gemfile, execute o generator jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails g devise: install create config/initializers/devise.rb create config/locales/devise.en.yml =========================================== ==================== Some setup you must do manually if you haven't yet: ....
  • 14. Devise @jlucasps <!DOCTYPE html> <html> <head> <title>FirstApp</title> <%= stylesheet_link_tag "application", :media => "all" %> <%= javascript_include_tag "application" %> <%= csrf_meta_tags %> </head> <body> <p class="notice"><%= notice %></p> <p class="alert"><%= alert %></p> <%= render :partial => 'shared/menu_top' %> <div class="container-fluid"> <div class="row-fluid"> <%= yield :sidebar %> <%= yield %> </div> <%= render :partial => 'shared/footer' %> </div> </body> </html> Configurar /app/views/layouts/application.html.erb
  • 15. Devise @jlucasps jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails g devise User invoke active_record create db/migrate/20130619172147_add_devise_to_users.rb insert app/models/user.rb route devise_for :users Adicionar Devise a algum model Configurar Migration gerada e executá-la jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rake db:migrate == AddDeviseToUsers: migrating =============================================== -- change_table(:users) -> 0.0590s -- add_index(:users, :reset_password_token, {:unique=>true}) -> 0.0007s == AddDeviseToUsers: migrated (0.0600s) ======================================
  • 16. Devise @jlucasps class ApplicationController < ActionController::Base protect_from_forgery before_filter :authenticate_user! end Configurar ApplicationController Configurar arquivo /config/initializers/devise.rb # ==> Scopes configuration # Turn scoped views on. Before rendering "sessions/new", it will first check for # "users/sessions/new". It's turned off by default because it's slower if you # are using only default views. config.scoped_views = true
  • 17. Devise @jlucasps user_signed_in? current_user user_session Métodos helpers gerados pelo Devise Caso o model seja Member before_filter :authenticate_member! member_signed_in? current_member member_session
  • 18. Devise @jlucasps jlucasps@lotus:/media/truecrypt1/handsonrails/first_app$ rails generate devise:views users invoke Devise::Generators::SharedViewsGenerator create app/views/users/shared create app/views/users/shared/_links.erb invoke form_for create app/views/users/confirmations create app/views/users/confirmations/new.html.erb create app/views/users/passwords create app/views/users/passwords/edit.html.erb Customizar as views utilizadas pelo Devise
  • 19. Devise @jlucasps class WelcomeController < ApplicationController before_filter :authenticate_user!, :except => [:index, :about, :contact] def index end def black render :layout => 'application_black' end def about end def contact end end Caso queira liberar acesso para actions do WelcomeController
  • 20. Devise @jlucasps <div class="navbar navbar-inverse navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <%= link_to "Project name", index_path, :class => "brand" %> <div class="nav-collapse collapse"> <p class="navbar-text pull-right"> <% if user_signed_in? %> Logged in as <%= link_to edit_user_registration_path(current_user), : class => "navbar-link" %> <% else %> <%= link_to "login", new_user_session_path, :class => "btn" %> <% end %> </p> <ul class="nav"> <li class="active"><%= link_to "Home", index_path %></li> <li><%= link_to "About", about_path %></li> <li><%= link_to "Contact", contact_path %></li> </ul> </div><!--/.nav-collapse --> </div> </div> </div> Exibir link para login e usuário logado: /app/views/shared/_menu_top.html.erb
  • 21. Devise @jlucasps <h2>Sign up</h2> <%= form_for(resource, :as => resource_name, :url => registration_path (resource_name)) do |f| %> <%= devise_error_messages! %> <div><%= f.label :name %><br /> <%= f.text_field :name, :autofocus => true %></div> <div><%= f.label :email %><br /> <%= f.email_field :email %></div> <div><%= f.label :password %><br /> <%= f.password_field :password %></div> <div><%= f.label :password_confirmation %><br /> <%= f.password_field :password_confirmation %></div> <div><%= f.submit "Sign up" %></div> <% end %> <%= render "users/shared/links" %> Alterar tela de cadastro de usuários: /app/views/users/registrations/new.html.erb
  • 22. Devise @jlucasps RSpec.configure do |config| # ## Mock Framework # # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line: # # config.mock_with :mocha # config.mock_with :flexmock # config.mock_with :rr config.include Capybara::DSL config.include Devise::TestHelpers, :type => :controller config.include Rails.application.routes.url_helpers # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures #config.fixture_path = "#{::Rails.root}/spec/fixtures" Testes automatizados com Devise: /spec/spec_helper.rb
  • 23. Devise @jlucasps include Warden::Test::Helpers def create_logged_in_user(user_sym) user = FactoryGirl.find_or_create(user_sym) login_as(user, scope: :user) user end class ActiveRecord::Base mattr_accessor :shared_connection @@shared_connection = nil def self.connection @@shared_connection || retrieve_connection end end ActiveRecord::Base.shared_connection = ActiveRecord::Base.connection Devise support /spec/support/devise.rb
  • 24. FactoryGirl @jlucasps # Factory_girl is a fixtures replacement with a straightforward definition syntax # gem 'factory_girl_rails', "~> 4.0" Adicionar factory_girl ao Gemfile Importar factory_girl no spec_helper # This file is copied to spec/ when you run 'rails generate rspec:install' ENV["RAILS_ENV"] ||= 'test' require File.expand_path("../../config/environment", __FILE__) require 'rspec/rails' require 'rspec/autorun' require 'factory_girl' require 'factory_girl_patch' require 'capybara/rails' require 'capybara/rspec' FactoryGirl.register_strategy(:find_or_create, FactoryGirlPatch)
  • 25. FactoryGirl @jlucasps FactoryGirl.define do factory :user_bart, :class => User do name "Bart Simpson" email "" password "dirty_boy" password_confirmation "dirty_boy" encrypted_password BCrypt::Password.create("dirty_boy", :cost => 10) end factory :user_lisa, :class => User do name "Lisa Simpson" email "" password "smart_girl" password_confirmation "smart_girl" encrypted_password BCrypt::Password.create("smart_girl", :cost => 10) end end Criar factories
  • 26. FactoryGirl @jlucasps class FactoryGirlPatch def association(runner) end def result(evaluation) evaluation.object.tap do |instance| evaluation.notify(:after_build, instance) evaluation.notify(:before_create, instance) saved_object = instance.class.where(instance.attributes.except("id", "created_at", "updated_at")).first if saved_object.present? = instance.created_at = saved_object.created_at if instance.respond_to?(:created_at) instance.updated_at = saved_object.updated_at if instance.respond_to?(:updated_at) else evaluation.create(instance) evaluation.notify(:after_create, instance) end end end end Estratégia find_or_create: /lib/factory_girl_patch.rb
  • 27. Devise @jlucasps require 'spec_helper' describe UsersController do let(:user_bart) { FactoryGirl.find_or_create(:user_bart)} before(:each) do sign_in user_bart end describe "GET index" do it "assigns @users" do saved_users = [FactoryGirl.find_or_create(:user_bart), FactoryGirl.find_or_create(: user_lisa)] get :index assigns(:users).should eq(saved_users) end end end Testes no controller /spec/controllers/users_controller_spec.rb
  • 28. Devise @jlucasps Testes no controller /spec/controllers/users_controller_spec.rb jlucasps@lotus:/media/first_app$ rspec spec/controllers/users_controller_spec.rb . Finished in 0.331 seconds 1 example, 0 failures Randomized with seed 5290
  • 29. Desenvolvimento Web com Ruby on Rails João Lucas Pereira de Santana gtalk | linkedin | twitter: jlucasps Obrigado!