start writing tests

Gemfile

@@ -30,7 +30,7 @@ gem 'jbuilder', '~> 2.5'
 # Use Redis adapter to run Action Cable in production
 # gem 'redis', '~> 3.0'
 # Use ActiveModel has_secure_password
-# gem 'bcrypt', '~> 3.1.7'
+gem 'bcrypt', '~> 3.1.7'
 
 # Authentication.
 gem 'omniauth'

Gemfile.lock

@@ -39,6 +39,7 @@ GEM
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     arel (7.1.4)
+    bcrypt (3.1.11)
     bigbluebutton-api-ruby (1.6.0)
       xml-simple (~> 1.1)
     bindex (0.5.0)
@@ -201,6 +202,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  bcrypt (~> 3.1.7)
   bigbluebutton-api-ruby
   bootstrap-sass (= 3.3.0.0)
   bootstrap-social-rails (~> 4.12)

app/controllers/meetings_controller.rb

@@ -86,7 +86,8 @@ def wait
   private
 
   def meeting_params(room)
-    params.require(:meeting).permit(:name).merge!(room_id: room.id)
+    params.require(:meeting).permit(:name).merge!(room: room)
+    #params.require(:meeting).permit(:name).merge!(room_id: room.id)
   end
 
   def default_meeting_options

app/controllers/sessions_controller.rb

@@ -6,17 +6,35 @@ def new
 
   # GET /logout
   def destroy
-    logout
+    logout if current_user
   end
 
-  # GET/POST /auth/:provider/callback
+  # POST /login
   def create
+    user = User.find_by(email: session_params[:email])
+    if user && user.authenticate(session_params[:password])
+      login(user)
+    else
+      # Login unsuccessful, display error message.
+
+      render :new
+    end
+  end
+
+  # GET/POST /auth/:provider/callback
+  def omniauth_session
     user = User.from_omniauth(request.env['omniauth.auth'])
     login(user)
   end
 
   # POST /auth/failure
   def fail
+    redirect_to root_path
+  end
+
+  private
 
+  def session_params
+    params.require(:session).permit(:email, :password)
   end
 end

app/controllers/users_controller.rb

@@ -1,2 +1,23 @@
 class UsersController < ApplicationController
+
+  # GET /signup
+  def new
+    @user = User.new
+  end
+
+  # POST /signup
+  def create
+    user = User.new(user_params)
+    if user.save
+      login(user)
+    else
+      render :new
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:name, :email, :password, :password_confirmation)
+  end
 end

app/models/meeting.rb

@@ -2,6 +2,8 @@ class Meeting < ApplicationRecord
 
   before_create :generate_meeting_id
 
+  validates :name, presence: true
+
   belongs_to :room
 
   # Creates a meeting on the BigBlueButton server.
@@ -11,9 +13,7 @@ def create(options = {})
       logoutURL: options[:meeting_logout_url] || '',
       moderatorPW: random_password(12),
       attendeePW: random_password(12),
-      moderatorOnlyMessage: options[:moderator_message],
-      "meta_#{BigBlueHelper::META_LISTED}": false,
-      "meta_#{BigBlueHelper::META_TOKEN}": name
+      moderatorOnlyMessage: options[:moderator_message]
     }
 
     #meeting_options.merge!(

app/models/room.rb

@@ -11,7 +11,10 @@ def owned_by?(user)
 
   private
 
+  # Generates a uid for the room.
   def set_uid
-    self.uid = Digest::SHA1.hexdigest(user.uid + user.provider + user.username)[0..12]
+    digest = user.id.to_s + user.provider + user.username
+    digest += user.uid unless user.uid.nil?
+    self.uid = Digest::SHA1.hexdigest(digest)[0..12]
   end
 end

app/models/user.rb

@@ -1,7 +1,23 @@
 class User < ApplicationRecord
 
+  after_create :initialize_room
+  before_save { email.downcase! }
+
   has_one :room
 
+  validates :name, length: { maximum: 24 }, presence: true
+  validates :username, presence: true
+  validates :provider, presence: true
+  validates :email, length: { maximum: 60 }, presence: true,
+                    uniqueness: { case_sensitive: false },
+                    format: {with: /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i }
+
+  validates :password, length: { minimum: 6 }, allow_nil: true
+
+  # We don't want to run the validations because they require a user
+  # to have a password. Users who authenticate via omniauth won't.
+  has_secure_password(validations: false)
+
   class << self
 
     # Generates a user from omniauth.
@@ -10,10 +26,6 @@ def from_omniauth(auth)
       user.name = send("#{auth['provider']}_name", auth)
       user.username = send("#{auth['provider']}_username", auth)
       user.email = send("#{auth['provider']}_email", auth)
-      #user.token = auth['credentials']['token']
-
-      # Create a room for the user if they don't have one.
-      user.room = Room.create unless user.room
 
       user.save!
       user
@@ -48,4 +60,11 @@ def google_email(auth)
 
   end
 
+  private
+
+  # Initializes a room for the user.
+  def initialize_room
+    self.room = Room.new
+    self.save!
+  end
 end

app/views/rooms/index.html.erb

@@ -19,4 +19,4 @@
 <% end %>
 <br>
 
-<%= link_to 'Logout', user_logout_path %>
+<%= link_to 'Logout', logout_path %>

app/views/sessions/new.html.erb

@@ -24,6 +24,21 @@
             <% end %>
           <% end %>
 
+          <center><p>or...<br><br></p></center>
+
+          <%= form_for(:session, url: login_path) do |f| %>
+            <div class="input-field col s12">
+              <%= f.label :email, "Email Address" %>
+              <%= f.text_field :email %>
+            </div>
+            <div class="input-field col s12">
+              <%= f.label :password %>
+              <%= f.password_field :password %>
+            </div>
+            <br>
+            <%= f.submit "Login", class: "btn white-text light-green" %>
+            <%= link_to "Don't have an account? Sign up!", signup_path %>
+          <% end %>
         </div>
       <% end %>
     </div>

app/views/shared/_signup.html.erb

@@ -6,12 +6,12 @@
     <% else %>
       <%= link_to(t('return_to_room'), room_path(current_user)) %>
     <% end %>
-    <div><%= link_to t('logout'), user_logout_url %></div>
+    <div><%= link_to t('logout'), logout_url %></div>
   </div>
   <% else %>
     <div class="text-center">
       <span><%= t('login_description') %></span>
-      <div><%= link_to t('login'), user_login_url %></div>
+      <div><%= link_to t('login'), login_url %></div>
     </div>
   <% end %>
 </span>

config/routes.rb

@@ -9,10 +9,20 @@
     end
   end
 
-  get '/login', to: 'sessions#new', as: :user_login
-  get '/logout', to: 'sessions#destroy', as: :user_logout
+  get '/signup', to: 'users#new'
+  post '/signup', to: 'users#create'
 
-  match '/auth/:provider/callback', to: 'sessions#create', via: [:get, :post]
+  # Login to Greenlight.
+  get '/login', to: 'sessions#new'
+
+  # Handles login of :greenlight provider account.
+  post '/login',  to: 'sessions#create', as: :create_session
+
+  # Log the user out of the session.
+  get '/logout', to: 'sessions#destroy'
+
+  # Handles Omniauth authentication.
+  match '/auth/:provider/callback', to: 'sessions#omniauth_session', via: [:get, :post], as: :omniauth_session
   get '/auth/failure', to: 'sessions#fail'
 
   root to: 'main#index'