- Rename test for friendly forwarding to be more concise
- Add a separate test for successful user edit
These changes enhance the clarity of the test suite by
providing a more descriptive name for the friendly forwarding
test and separating the successful edit functionality into
its own test case, improving maintainability and readability.
- Updated single quotes to double quotes for consistency
- Adjusted spacing in array definitions for better readability
- Ensured consistent use of quotes in flash messages and method parameters
These changes enhance the overall code style without altering any functionality.
- Implement friendly forwarding for user login
- Add correct_user method to ensure users can only edit their own profiles
- Update sessions_controller to handle forwarding URL
- Enhance user controller tests to verify redirection for unauthorized access
These changes improve user experience by allowing users to be redirected
back to their intended page after logging in. Additionally, the new
correct_user method enhances security by preventing users from editing
other users' profiles, ensuring proper authorization checks are in place.
- Implement before_action to ensure users are logged in
- Add logged_in_user method to handle redirection
- Update user fixture to include new user
- Enhance integration tests to check for login requirement
This commit introduces user authentication checks for the edit and
update actions in the UsersController. It ensures that only logged-in
users can access these actions, improving the security of the
application. Additionally, integration tests have been updated to
verify that users are redirected to the login page if they attempt
to edit or update their information without being logged in.
- Implemented edit and update actions in UsersController
- Created edit user view and form partial
- Updated user model validation to allow nil password
- Modified header to link to user settings
- Added integration tests for successful and unsuccessful edits
This commit introduces the ability for users to edit their profile
information, including name and email. It also includes validation
updates to allow users to update their profiles without changing
their password. Integration tests ensure that both successful and
unsuccessful edit attempts are handled correctly.
- Implement remember me checkbox in login form
- Update sessions controller to handle remember me logic
- Enhance session management to prevent session hijacking
- Add tests for remember me functionality
This commit introduces a "Remember me" feature that allows users to
stay logged in across sessions. It includes updates to the login
form, session handling in the controller, and additional tests to
ensure the functionality works as expected. The changes also
improve security by validating session tokens to prevent session
hijacking.
- Update `destroy` action in `SessionsController` to log out
only if the user is currently logged in.
- Add a check in the `authenticated?` method of the `User`
model to return false if `remember_digest` is nil.
- Enhance integration tests to simulate logout in another
browser session and verify that the logout link is not
present after logging out.
These changes improve the robustness of the session management
by preventing unnecessary logout attempts and ensuring that
authentication checks are more reliable.
- Change "Log out" link to use `data: { turbo_method: :delete }`
- Update "Login in" to "Log in" for consistency
- Fix typo in sign-up prompt from "SIgn up now!" to "Sign up now!"
- Ensure proper indentation in error messages partial
- Add turbo frame to user signup form for better performance
- Adjust routes for consistency by adding leading slashes
These changes enhance the user interface by correcting typographical errors and improving the logout functionality. The use of turbo frames in the signup form aims to optimize the user experience during account creation.
- Update session creation to use safe navigation operator
- Implement log_out method in SessionsHelper
- Add session reset and login on user creation
- Improve user login tests for better coverage
These changes improve the user session management by ensuring
that the session is handled more safely and efficiently. The
addition of the log_out method centralizes session termination,
while the updated tests ensure that both login and logout
functionality are thoroughly validated.
- Implement user creation in UsersController
- Add user registration form in new.html.erb
- Create error messages partial for form validation
- Add gravatar helper for user profile
- Update routes to include resources for users
- Introduce integration tests for signup validation
This commit establishes the foundation for user registration, allowing users to sign up with their details and providing feedback on form errors. It enhances the user experience by integrating visual elements like gravatars and error messages.
