Merge branch 'auth_admin_feature'

This commit is contained in:
yafeilee 2014-04-01 08:30:13 +08:00
commit 691c5dd40d
10 changed files with 95 additions and 0 deletions

View File

@ -0,0 +1,19 @@
@app.controller 'AdminSessionsController', ($scope, $http, $timeout)->
url = '/admin/sessions'
$scope.login = ->
$http
url: url
method: 'POST'
params:
username: $scope.username
password: $scope.password
.success (res)->
if res.success
window.location = '/admin'
else
$scope.password = ''
$scope.error_msg = res.message
$timeout ->
$scope.error_msg = null
, 5000

View File

@ -28,6 +28,12 @@
margin-top: 2rem;
}
tr {
&:hover {
background-color: #EEEEEE;
}
}
}
.edit-post-link {

View File

@ -0,0 +1,24 @@
class Admin::SessionsController < ApplicationController
layout 'layouts/admin'
def new
end
def create
if ! ENV['ADMIN_USER']
render :json=> { success: false, message: '系统未配置管理员账户, 无法登录' }
elsif ENV['ADMIN_USER'] != params[:username]
render :json=> { success: false, message: '管理员账户错误' }
elsif ENV['ADMIN_PASSWORD'] != params[:password]
render :json=> { success: false, message: '管理员密码错误' }
else
session[:login] = true
render :json=> { success: true }
end
end
def destroy
session[:login] = nil
redirect_to new_admin_session_path
end
end

View File

@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base
helper_method :format_time, :format_date
helper_method :admin_username
def format_time(time)
time.strftime("%Y-%m-%d %H:%M")
end
@ -13,5 +15,12 @@ class ApplicationController < ActionController::Base
protected
def authericate_user!
if ! session[:login]
redirect_to new_admin_session_path
end
end
def admin_username
session[:login] && ENV['ADMIN_USER']
end
end

View File

@ -0,0 +1,2 @@
h1 Admin::Sessions#create
p Find me in app/views/admin/sessions/create.html.slim

View File

@ -0,0 +1,2 @@
h1 Admin::Sessions#destroy
p Find me in app/views/admin/sessions/destroy.html.slim

View File

@ -0,0 +1,16 @@
.row ng-controller="AdminSessionsController"
.small-12.large-8.columns
h3.blog-title 登录后台
form ng-submit="login()"
.row
.small-12.large-8.columns
= label_tag 'username', '用户名'
= text_field_tag 'username', nil, placeholder: '管理员账号', "ng-model"=>"username"
= label_tag 'username', '密码'
= password_field_tag 'password', nil, placeholder: '管理员密码', "ng-model"=>"password"
p
.alert-box.warning ng-show=" error_msg "
|{{ error_msg }}
button 登录

View File

@ -24,6 +24,9 @@ html
ul.right
li
= link_to '返回首页', root_path
- if admin_username
li
= link_to admin_username + ' [ 退出 ]', admin_session_path(1), method: 'DELETE'
- flash.each do |name, msg|
- if msg.is_a?(String)
div class=("alert-box #{name == :notice ? "success" : "alert"}") data-alert=""

View File

@ -24,8 +24,10 @@ WBlog::Application.routes.draw do
post :preview
end
end
resources :sessions, :only=>[:new, :create, :destroy]
root to: 'dashboard#index'
end
get '/about' => 'home#index'
get '/:type' => 'archives#index'
end

View File

@ -0,0 +1,12 @@
require 'spec_helper'
describe Admin::SessionsController do
describe "GET 'new'" do
it "returns http success" do
get 'new'
response.should be_success
end
end
end