update security handling for user namespace

2012-11-22 15:47:28 +01:00
parent b9efc6e860
commit ef31958bd6
24 changed files with 634 additions and 64 deletions
@@ -1,19 +1,19 @@
 ul.nav.nav-pills
  - if controller_name != 'sessions'
-    li= link_to t('devise.sessions.button'), new_session_path(resource_name)
+    li= link_to t('devise.sessions.button'), new_session_path(resource_name), class: [:devise, :btn]

  - if devise_mapping.registerable? && controller_name != 'registrations'
-    li= link_to t('devise.registrations.button'), new_registration_path(resource_name)
+    li= link_to t('devise.registrations.button'), new_registration_path(resource_name), class: [:devise, :btn]

  - if devise_mapping.recoverable? && controller_name != 'passwords'
-    li= link_to t('devise.sessions.forgot_your_password'), new_password_path(resource_name)
+    li= link_to t('devise.sessions.forgot_your_password'), new_password_path(resource_name), class: [:devise, :btn]

  - if devise_mapping.confirmable? && controller_name != 'confirmations'
-    li= link_to t('devise.confirmations.did_not_receive_instructions_link'), new_confirmation_path(resource_name)
+    li= link_to t('devise.confirmations.did_not_receive_instructions_link'), new_confirmation_path(resource_name), class: [:devise, :btn]

  - if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
-    li= link_to t('devise.unlocks.did_not_receive_instructions_link'), new_unlock_path(resource_name)
+    li= link_to t('devise.unlocks.did_not_receive_instructions_link'), new_unlock_path(resource_name), class: [:devise, :btn]

  - if devise_mapping.omniauthable?
    - resource_class.omniauth_providers.each do |provider|
-      li= link_to t('devise.omniauth_callbacks.sign_in_with', provider: provider.to_s.titleize), omniauth_authorize_path(resource_name, provider)
+      li= link_to t('devise.omniauth_callbacks.sign_in_with', provider: provider.to_s.titleize), omniauth_authorize_path(resource_name, provider), class: [:devise, :btn]
@@ -1,16 +0,0 @@
-<h2>Change your password</h2>
-
-<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
-  <%= devise_error_messages! %>
-  <%= f.hidden_field :reset_password_token %>
-
-  <div><%= f.label :password, "New password" %><br />
-  <%= f.password_field :password %></div>
-
-  <div><%= f.label :password_confirmation, "Confirm new password" %><br />
-  <%= f.password_field :password_confirmation %></div>
-
-  <div><%= f.submit "Change my password" %></div>
-<% end %>
-
-<%= render "links" %>
@@ -0,0 +1,14 @@
+h2= t('devise.passwords.edit.title')
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), html: {class: 'form-horizontal', method: :put}) do |f| 
+  = devise_error_messages!
+  = f.hidden_field :reset_password_token
+  .control-group
+     = f.label :password, class: 'control-label'
+     .controls= f.password_field :password
+  .control-group
+     = f.label :password_confirmation, class: 'control-label'
+     .controls= f.password_field :password_confirmation
+  .control-group
+    .controls
+      = f.submit t('devise.passwords.edit.button'), class: 'btn btn-primary'
+= render "links"
@@ -1,12 +0,0 @@
-<h2>Forgot your password?</h2>
-
-<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
-  <%= devise_error_messages! %>
-
-  <div><%= f.label :email %><br />
-  <%= f.email_field :email %></div>
-
-  <div><%= f.submit "Send me reset password instructions" %></div>
-<% end %>
-
-<%= render "links" %>
@@ -0,0 +1,10 @@
+h2= t('devise.passwords.title')
+= form_for(resource, :as => resource_name, :url => password_path(resource_name), html: {class: 'form-horizontal'}) do |f| 
+  = devise_error_messages!
+  .control-group
+     = f.label :email, class: 'control-label'
+     .controls= f.email_field :email
+  .control-group
+    .controls
+      = f.submit t('devise.passwords.button'), class: 'btn btn-primary'
+= render "links"
@@ -12,5 +12,5 @@ h2= t('devise.registrations.title')
     .controls= f.password_field :password_confirmation
  .control-group
    .controls
-      = f.submit t('devise.registrations.button')
+      = f.submit t('devise.registrations.button'), class: 'btn btn-primary'
 = render "links"
@@ -0,0 +1,19 @@
+doctype html
+html lang="en"
+  head
+    meta charset="utf-8"
+    meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1"
+    meta name="viewport" content="width=device-width, initial-scale=1.0"
+    title= content_for?(:title) ? yield(:title) : application_title
+    = stylesheet_link_tag 'obtain_token/application'
+    = csrf_meta_tags
+  body class=action_name
+    - if flash[:alert].present?
+      .alert.alert-error
+        a.close data-dismiss="alert" &#215;
+        div= flash[:alert]
+    - if flash[:notice].present?
+      .alert.alert-success
+        a.close data-dismiss="alert" &#215;
+        div= flash[:notice]
+    #obtain-token-container= yield
@@ -19,7 +19,7 @@ html lang="en"
    javascript:
      var data_host = '#{Rails.env == 'development' ? 'http://localhost:3000' : 'http://data.qwaiter.com' }';
      //var data_host = 'http://localhost:3000';
-      //var data_host = 'http://192.168.1.74:3000';
+      data_host = 'http://192.168.1.148:3000';
      var $locale = '#{I18n.locale}';
      var $url_vars = null;
      // Dummy holder when Qmobile object is not supplied by the mobile phone
@@ -36,7 +36,8 @@ html lang="en"
        },
        root_url: function(){return 'file:///Users/bterkuile/Documents/workspace/Qwaiter/assets'},
        root_url: function(){return ''},
-        goHome: function(){ window.location = QMobile.root_url() + path_mapping['user_root'] + '.html'}
+        goHome: function(){ redirect_to('user_root')},
+        connection_problem: function(){alert('There is a problem connecting to the server')}
      });
      //QMobile.setAuthToken('i5brDZ1HS1okoEq3pMyh');