put in a user login

Gemfile

@@ -13,6 +13,7 @@ gem 'uglifier', '>= 1.3.0'
 gem 'coffee-rails', '~> 4.0.0'
 
 gem 'haml'
+gem 'bcrypt'
 
 # Use jquery as the JavaScript library
 gem 'jquery-rails'

Gemfile.lock

@@ -28,6 +28,7 @@ GEM
       thread_safe (~> 0.1)
       tzinfo (~> 1.1)
     arel (5.0.1.20140414130214)
+    bcrypt (3.1.9)
     builder (3.2.2)
     coffee-rails (4.0.1)
       coffee-script (>= 2.2.0)
@@ -127,6 +128,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  bcrypt
   coffee-rails (~> 4.0.0)
   haml
   jbuilder (~> 2.0)

app/controllers/application_controller.rb

@@ -2,4 +2,9 @@ class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
+
+  def current_user
+    @current_user ||= User.find(session[:user_id]) if session[:user_id]
+  end
+  helper_method :current_user
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,20 @@
+# sessions controller class
+class SessionsController < ApplicationController
+  def create
+    @user = User.authenticate(params[:email], params[:password])
+    if @user
+      flash[:notice] = 'you log in good'
+      session[:user_id] = @user.id
+      redirect_to root_path
+    else
+      flash[:alert] = 'you try log in but problem'
+      redirect_to log_in_path
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    flash[:notice] = 'stopped being logged in'
+    redirect_to root_path
+  end
+end

app/controllers/users_controller.rb

@@ -0,0 +1,23 @@
+# user controller
+class UsersController < ApplicationController
+  def new
+
+  end
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      flash[:notice] = 'Thanks for the sympathy.'
+      session[:user_id] = @user.id
+      redirect_to root_path
+    else
+      flash[:alert] = 'problem doing the thing'
+      redirect_to :back
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:email, :password, :password_confirmation)
+  end
+end

app/models/user.rb

@@ -1,2 +1,21 @@
+# practice user class
 class User < ActiveRecord::Base
+  attr_accessor :password
+  validates_confirmation_of :password
+
+  before_save :encrypt_password
+
+  def encrypt_password
+    self.password_salt = BCrypt::Engine.generate_salt
+    self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
+  end
+
+  def self.authenticate(email, password)
+    user = User.where(email: email).first
+    if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
+      user
+    else
+      nil
+    end
+  end
 end

app/views/home/index.html.haml

@@ -1,2 +1,9 @@
 %h1
   Today we mourn the loss of something with both good and bad aspects.
+- flash.keys.each do |k|
+  = flash[k]
+%hr
+= link_to 'join', new_user_path
+= link_to 'sign in', log_in_path
+= link_to 'sign out', log_out_path
+= current_user ? 'logged in' : 'logged out'

app/views/sessions/new.html.haml

@@ -0,0 +1,11 @@
+%h1
+  Log in
+- flash.keys.each do |k|
+  = flash[k]
+%hr
+= form_tag log_in_path do
+  = label_tag :email
+  = text_field_tag :email
+  = label_tag :password
+  = password_field_tag :password
+  = submit_tag 'Log in'

app/views/users/new.html.haml

@@ -0,0 +1,13 @@
+%h1
+  Sign Up
+- flash.keys.each do |k|
+  = flash[k]
+%hr
+= form_for User.new do |f|
+  = f.label :email
+  = f.text_field :email
+  = f.label :password
+  = f.password_field :password
+  = f.label :password_confirmation
+  = f.password_field :password_confirmation
+  = f.submit "Sign up"

config/routes.rb

@@ -1,6 +1,11 @@
 Rails.application.routes.draw do
   root 'home#index'
-  #   resources :products
+
+  get '/log-in' => 'sessions#new'
+  post '/log-in' => 'sessions#create'
+  get '/log-out' => 'sessions#destroy', as: :log_out
+
+  resources :users, only: [:new, :create]
 
   # Example resource route with options:
   #   resources :products do