feat: adds users

Gemfile

@@ -57,3 +57,5 @@ group :test do
 end
 
 gem "rqrcode", "~> 2.2"
+
+gem "bcrypt", "~> 3.1.7"

Gemfile.lock

@@ -75,6 +75,7 @@ GEM
       public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.2)
     base64 (0.2.0)
+    bcrypt (3.1.20)
     bigdecimal (3.1.8)
     bindex (0.8.1)
     bootsnap (1.18.4)
@@ -295,6 +296,7 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  bcrypt (~> 3.1.7)
   bootsnap
   brakeman
   capybara

app/controllers/pets_controller.rb

@@ -1,11 +1,8 @@
 class PetsController < ApplicationController
-  before_action :set_pet, only: %i[ show edit update destroy ]
+  before_action :set_pet, only: [ :show, :edit, :update, :destroy ]
+  before_action :authenticate_user!, only: [ :edit, :update, :destroy ]
+  before_action :authorize_pet!, only: [ :edit, :update, :destroy ]
 
-  def model_params
-    params.require(:pet).permit(:name, :tutor, :pet_birthdate, :pet_race, :tutors_contact, :pet_coat_color, :pet_photo, :pet_city, :pet_instagram, :pet_tiktok, :qrcode)
-  end
-
-  # GET /pets or /pets.json
   def index
     @pets = Pet.all
   end
@@ -26,6 +23,7 @@ def edit
   # POST /pets or /pets.json
   def create
     @pet = Pet.new(pet_params)
+    @pet.user = current_user
 
     respond_to do |format|
       if @pet.save
@@ -62,13 +60,24 @@ def destroy
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_pet
-      @pet = Pet.find(params[:id])
-    end
+  # Use callbacks to share common setup or constraints between actions.
+  def set_pet
+    @pet = Pet.find(params[:id])
+  end
 
-    # Only allow a list of trusted parameters through.
-    def pet_params
-      params.require(:pet).permit(:name, :tutor, :pet_birthdate)
-    end
+  def pet_params
+    params.require(:pet).permit(:name, :tutor, :pet_birthdate, :pet_race, :tutors_contact, :pet_coat_color, :pet_photo, :pet_city, :pet_instagram, :pet_tiktok, :qrcode)
+  end
+
+  def authenticate_user!
+    redirect_to new_session_path, alert: "Please log in to access this page." unless current_user
+  end
+
+  def authorize_pet!
+    redirect_to @pet, alert: "Not authorized" unless @pet.user == current_user
+  end
+
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,23 @@
+class SessionsController < ApplicationController
+  def new
+  end
+
+  def create
+    user = User.find_by(email: params[:email])
+
+    respond_to do |format|
+      if user && user.authenticate(params[:password])
+        session[:user_id] = user.id
+        format.html { redirect_back(fallback_location: root_path, notice: "Logged in successfully.") }
+        format.json { render :show, status: :created, location: user }
+      else
+        format.html { render :new, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path, notice: "Logged out successfully."
+  end
+end

app/controllers/users_controller.rb

@@ -0,0 +1,67 @@
+class UsersController < ApplicationController
+  def index
+    @user = User.all
+  end
+
+  def new
+    @user = User.new
+  end
+
+  # GET /user/1/edit
+  def edit
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    respond_to do |format|
+      if @user.save
+        format.html { redirect_to user_url(@user, allow_other_host: true), notice: "User created successfully." }
+        format.json { render :show, status: :created, location: @user }
+      else
+        format.html { render :new, status: :unprocessable_entity }
+        format.json { render json: @user.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def show
+      @user = User.find(params[:id])
+  end
+
+
+  # PATCH/PUT /user/1 or /user/1.json
+  def update
+    respond_to do |format|
+      if @user.update(user_params)
+        format.html { redirect_to user_url(@user), notice: "User was successfully updated." }
+        format.json { render :show, status: :ok, location: @user }
+      else
+        format.html { render :edit, status: :unprocessable_entity }
+        format.json { render json: @user.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /users/1 or /pets/1.json
+  def destroy
+    @user.destroy!
+
+    respond_to do |format|
+      format.html { redirect_to users_url, notice: "User was successfully destroyed." }
+      format.json { head :no_content }
+    end
+  end
+
+
+  private
+
+  # Use callbacks to share common setup or constraints between actions.
+  def set_user
+    @user = User.find(params[:id])
+  end
+
+  def user_params
+    params.require(:user).permit(:name, :email, :password, :password_confirmation)
+  end
+end

app/helpers/application_helper.rb

@@ -1,2 +1,13 @@
 module ApplicationHelper
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
+
+  def logged_in?
+    !!current_user
+  end
+
+  def authenticate_user!
+    redirect_to login_path, alert: "You must be logged in to access this page." unless logged_in?
+  end
 end

app/helpers/users_helper.rb

@@ -0,0 +1,2 @@
+module UsersHelper
+end

app/models/pet.rb

@@ -1,4 +1,6 @@
 class Pet < ApplicationRecord
+  belongs_to :user
+  # before_action :authenticate_user!, only: [ :edit, :update, :destroy ]
   # Add validations as needed
   # validates :name, presence: true
   # validates :tutor, presence: true

app/models/user.rb

@@ -0,0 +1,6 @@
+class User < ApplicationRecord
+  has_secure_password  # Requires the bcrypt gem for password handling
+  has_many :pets, dependent: :destroy
+
+  validates :email, presence: true, uniqueness: true
+end

app/views/layouts/_navbar.html.erb

@@ -0,0 +1,19 @@
+<!-- app/views/layouts/_navbar.html.erb -->
+<nav>
+  <ul>
+    <li><%= link_to 'Home', root_path %></li>
+    <li><%= link_to 'Pets', pets_path %></li>
+    <li><%= link_to 'Users', users_path %></li>
+    <%
+=begin%>
+ <% if user_signed_in? %>
+      <li>Welcome, <%= current_user.name %>!</li>
+      <li><%= link_to 'Logout', destroy_user_session_path, method: :delete %></li>
+    <% else %>
+      <li><%= link_to 'Login', new_user_session_path %></li>
+      <li><%= link_to 'Sign Up', new_user_registration_path %></li>
+    <% end %> 
+<%
+=end%>
+  </ul>
+</nav>

app/views/layouts/application.html.erb

@@ -18,6 +18,16 @@
   </head>
 
   <body>
+    <%= render 'layouts/navbar' %>
     <%= yield %>
+    <% if logged_in? %>
+    <%= link_to 'Log Out', logout_path, method: :delete %>
+    <% else %>
+    <%= link_to 'Log In', login_path %>
+    <%= link_to 'Sign Up', new_user_path %>
+
+    <%= link_to "Logout", logout_path, method: :delete, data: { confirm: "Are you sure?" } %>
+
+<% end %>
   </body>
 </html>

app/views/pets/index.html.erb

@@ -11,6 +11,7 @@
       <%= link_to "Show this pet", pet %>
     </p>
   <% end %>
+
 </div>
 
 <%= link_to "New pet", new_pet_path %>

app/views/sessions/new.html.erb

@@ -0,0 +1,17 @@
+<h1>Log In</h1>
+
+<%= form_with url: sessions_path, local: true do |form| %>
+  <div class="field">
+    <%= form.label :email %>
+    <%= form.email_field :email %>
+  </div>
+
+  <div class="field">
+    <%= form.label :password %>
+    <%= form.password_field :password %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit "Log In" %>
+  </div>
+<% end %>

app/views/users/_user.html.erb

@@ -0,0 +1,10 @@
+<div id="<%= dom_id user %>">
+  <p>
+    <strong>Username</strong>
+    <%= user.name %>
+  </p>
+
+
+
+
+</div>

app/views/users/_user.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! user, :id, :username, :created_at, :updated_at
+json.url user_url(user, format: :json)

app/views/users/edit.html.erb

@@ -0,0 +1,12 @@
+<% content_for :title, "Editing user" %>
+
+<h1>Editing user</h1>
+
+<%= render "form", user: @user %>
+
+<br>
+
+<div>
+  <%= link_to "Show this user", @user %> |
+  <%= link_to "Back to users", users_path %>
+</div>

app/views/users/index.html.erb

@@ -0,0 +1,17 @@
+<p style="color: green"><%= notice %></p>
+
+<% content_for :title, "User" %>
+
+<h1>Users List</h1>
+
+<div id="users">
+  <% @user.each do |user| %>
+    <%= render user %>
+    <p>
+      <%= link_to "Show this user", user %>
+    </p>
+  <% end %>
+
+</div>
+
+<%= link_to "New user", new_user_path %>

app/views/users/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @users, partial: "users/user", as: :pet

app/views/users/new.html.erb

@@ -0,0 +1,56 @@
+<h1>Sign Up</h1>
+
+<%= form_with model: @user, local: true do |form| %>
+  <% if @user.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
+      <ul>
+        <% @user.errors.full_messages.each do |message| %>
+          <li><%= message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <%= form.label :name %>
+    <%= form.text_field :name %>
+  </div>
+
+  <div class="field">
+    <%= form.label :email %>
+    <%= form.email_field :email %>
+  </div>
+
+  <div class="field">
+    <%= form.label :password %>
+    <%= form.password_field :password %>
+  </div>
+
+  <div class="field">
+    <%= form.label :password_confirmation %>
+    <%= form.password_field :password_confirmation %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit "Sign Up" %>
+  </div>
+<% end %>
+
+<h1>Log In</h1>
+
+<%= form_with url: login_path, local: true do |form| %>
+  <div class="field">
+    <%= form.label :email %>
+    <%= form.email_field :email %>
+  </div>
+
+  <div class="field">
+    <%= form.label :password %>
+    <%= form.password_field :password %>
+  </div>
+
+  <div class="actions">
+    <%= form.submit "Log In" %>
+  </div>
+<% end %>

app/views/users/show.html.erb

@@ -0,0 +1,9 @@
+<h1><%= @user.name %></h1>
+<p>Email: <%= @user.email %></p>
+
+<h2>Pets</h2>
+<ul>
+  <% @user.pets.each do |pet| %>
+    <li><%= link_to pet.name, pet_path(pet) %></li>
+  <% end %>
+</ul>

app/views/users/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "users/user", user: @user