From 5db8eab56492d6ff6bdae7bbab0c65a9141f7e26 Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Sun, 24 Nov 2013 20:34:18 -0600 Subject: [PATCH 01/11] Fix typo, should be password --- app/views/users/forgot_password.html.erb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/views/users/forgot_password.html.erb b/app/views/users/forgot_password.html.erb index 034add2..81c54ec 100644 --- a/app/views/users/forgot_password.html.erb +++ b/app/views/users/forgot_password.html.erb @@ -7,9 +7,9 @@
<%= form_tag "forgot_password", :class=> "signup-wrapper" do %>
- +

Forgot Password

-

Fill out the form below to reset your email.

+

Fill out the form below to reset your password.

@@ -19,7 +19,7 @@
<%= submit_tag "Send Forgot Password Email", {:class => "btn btn-warning btn-small"} %> - +
<% end %> From a9fad698e82b4d1662c1dc6dfb483c35442d8ee3 Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Sun, 24 Nov 2013 20:42:17 -0600 Subject: [PATCH 02/11] Minor code cleanup, for readability --- app/views/sessions/new.html.erb | 58 ++++++++++++------------ app/views/users/forgot_password.html.erb | 50 ++++++++++---------- 2 files changed, 56 insertions(+), 52 deletions(-) diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb index a7c9932..111f896 100755 --- a/app/views/sessions/new.html.erb +++ b/app/views/sessions/new.html.erb @@ -1,34 +1,36 @@
-

MetaCorp

-

A GoatGroup Company

+

MetaCorp

+

A GoatGroup Company

-
-
- -
\ No newline at end of file +
+
\ No newline at end of file diff --git a/app/views/users/forgot_password.html.erb b/app/views/users/forgot_password.html.erb index 81c54ec..cd4616d 100644 --- a/app/views/users/forgot_password.html.erb +++ b/app/views/users/forgot_password.html.erb @@ -1,30 +1,32 @@
-

MetaCorp

-

A GoatGroup Company

+

MetaCorp

+

A GoatGroup Company

-
-
- -
\ No newline at end of file +
+
\ No newline at end of file From 9a5f04cefd93d72170be8a96ef8aabd931ab5edd Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Sun, 24 Nov 2013 20:48:07 -0600 Subject: [PATCH 03/11] Update button, for consistency --- app/assets/stylesheets/main.css.erb | 2 +- app/views/sessions/new.html.erb | 2 +- app/views/users/forgot_password.html.erb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/assets/stylesheets/main.css.erb b/app/assets/stylesheets/main.css.erb index 2296075..a46df97 100755 --- a/app/assets/stylesheets/main.css.erb +++ b/app/assets/stylesheets/main.css.erb @@ -4616,7 +4616,7 @@ button.close { .signup .signup-wrapper .actions { padding: 10px; } .signup .signup-wrapper .actions a { - color: #b3b3b3; } + color: #ffffff; } .signup .signup-wrapper .checkbox { visibility: hidden; } .signup .signup-wrapper .checkbox-wrapper { diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb index 111f896..a1fa5a0 100755 --- a/app/views/sessions/new.html.erb +++ b/app/views/sessions/new.html.erb @@ -22,7 +22,7 @@
- <%= link_to "Forgot Password", forgot_password_path, {:class => "btn btn-warning btn-small"} %> + <%= link_to "Forgot Password", forgot_password_path, {:class => "btn btn-danger btn-large"} %> <%= submit_tag "Login", {:class => "btn btn-info btn-large pull-right"} %>
diff --git a/app/views/users/forgot_password.html.erb b/app/views/users/forgot_password.html.erb index cd4616d..6e7408a 100644 --- a/app/views/users/forgot_password.html.erb +++ b/app/views/users/forgot_password.html.erb @@ -19,7 +19,7 @@
- <%= submit_tag "Send Forgot Password Email", {:class => "btn btn-warning btn-small"} %> + <%= submit_tag "Send Forgot Password Email", {:class => "btn btn-danger btn-large"} %>
From 93d7c2bd4407f1e3600253b848c20bf393ab1a7f Mon Sep 17 00:00:00 2001
From: James Espinosa
Date: Sun, 24 Nov 2013 23:57:52 -0600
Subject: [PATCH 04/11] Add mailtrap.io SMTP settings
---
 app/mailers/user_mailer.rb | 3 +++
 app/views/user_mailer/forgot_password.html.erb | 0
 app/views/user_mailer/forgot_password.text.erb | 0
 config/initializers/smtp_settings.rb | 9 +++++++++
 spec/mailers/user_mailer_spec.rb | 5 +++++
 5 files changed, 17 insertions(+)
 create mode 100644 app/mailers/user_mailer.rb
 create mode 100644 app/views/user_mailer/forgot_password.html.erb
 create mode 100644 app/views/user_mailer/forgot_password.text.erb
 create mode 100644 config/initializers/smtp_settings.rb
 create mode 100644 spec/mailers/user_mailer_spec.rb
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
new file mode 100644
index 0000000..f3d8202
--- /dev/null
+++ b/app/mailers/user_mailer.rb
@@ -0,0 +1,3 @@
+class UserMailer < ActionMailer::Base
+ default from: "from@example.com"
+end
diff --git a/app/views/user_mailer/forgot_password.html.erb b/app/views/user_mailer/forgot_password.html.erb
new file mode 100644
index 0000000..e69de29
diff --git a/app/views/user_mailer/forgot_password.text.erb b/app/views/user_mailer/forgot_password.text.erb
new file mode 100644
index 0000000..e69de29
diff --git a/config/initializers/smtp_settings.rb b/config/initializers/smtp_settings.rb
new file mode 100644
index 0000000..9fd2765
--- /dev/null
+++ b/config/initializers/smtp_settings.rb
@@ -0,0 +1,9 @@
+ActionMailer::Base.smtp_settings = {
+ :address => 'mailtrap.io',
+ :port => 2525,
+ :authentication => :plain,
+ :user_name => ENV['MAILTRAP_USERNAME'],
+ :password => ENV['MAILTRAP_PASSWORD'],
+}
+
+ActionMailer::Base.delivery_method = :smtp
\ No newline at end of file
diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb
new file mode 100644
index 0000000..8d004b3
--- /dev/null
+++ b/spec/mailers/user_mailer_spec.rb
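Review bot: The Mailtrap transport in `config/initializers/smtp_settings.rb` is set on `ActionMailer::Base` from an initializer, so it applies to every environment, not only development. `:authentication => :plain` is configured without stating a TLS requirement, so whether the credentials are protected in transit depends on STARTTLS being negotiated, and both `ENV[...]` lookups silently yield `nil` when the variables are unset. I would wrap the assignment in `if Rails.env.development?`, read the secrets with `ENV.fetch('MAILTRAP_USERNAME')` and `ENV.fetch('MAILTRAP_PASSWORD')` so a missing value fails at boot, and make the expectation explicit with `:enable_starttls_auto => true`.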
@@ -0,0 +1,5 @@ +require "spec_helper" + +describe UserMailer do + pending "add some examples to (or delete) #{__FILE__}" +end From 26e04deb9f8b12e6cca112255d75d1e03f282227 Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Mon, 25 Nov 2013 19:36:33 -0600 Subject: [PATCH 05/11] Implement basic password reset mailer --- app/controllers/users_controller.rb | 4 ++-- app/mailers/user_mailer.rb | 7 ++++++- app/views/user_mailer/forgot_password.html.erb | 14 ++++++++++++++ app/views/user_mailer/forgot_password.text.erb | 7 +++++++ config/initializers/smtp_settings.rb | 2 +- 5 files changed, 30 insertions(+), 4 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index aa6dde1..9bf5160 100755 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -5,7 +5,7 @@ class UsersController < ApplicationController def forgot_password @user = User.find_by_email(params[:email]) unless params[:email].nil? - + if @user && password_reset_mailer_setup(@user) flash[:success] = "Password reset email sent to #{params[:email]}" redirect_to :login @@ -67,7 +67,7 @@ class UsersController < ApplicationController def password_reset_mailer_setup(user) token = generate_token(user.id, user.email) - #reset_password_mailer(user.email, token) + UserMailer.forgot_password(user.email, token).deliver end def generate_token(id, email) diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb index f3d8202..1c61b83 100644 --- a/app/mailers/user_mailer.rb +++ b/app/mailers/user_mailer.rb @@ -1,3 +1,8 @@ class UserMailer < ActionMailer::Base - default from: "from@example.com" + default from: "noreply@railsgoat.dev" + + def forgot_password(email, token) + @token = token + mail(to: "#{email}", subject: "Reset your RailsGoat password") + end end diff --git a/app/views/user_mailer/forgot_password.html.erb b/app/views/user_mailer/forgot_password.html.erb index e69de29..a9f5913 100644 
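Review bot: `UserMailer.forgot_password(user.email, token).deliver` in `password_reset_mailer_setup` runs inline in the request with no rescue, so an unreachable SMTP server turns a forgot-password request into an unhandled exception instead of the normal response. The success branch shown in the first hunk of this file is taken only when `@user` was found, which presumably lets a caller tell registered addresses from unregistered ones; the `else` branch is outside the hunk, so confirm. I would rescue and log delivery errors in `password_reset_mailer_setup` and show the same neutral flash message whether or not the address matched. The body of `generate_token` is outside this hunk.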
--- a/app/views/user_mailer/forgot_password.html.erb +++ b/app/views/user_mailer/forgot_password.html.erb @@ -0,0 +1,14 @@ + + + + + + +

Need help logging in?

+

+ To reset your RailsGoat password, simply click on the + following link and follow the instructions: <%= @token %>.
+

+

Thanks, and have a great day!

+ + \ No newline at end of file diff --git a/app/views/user_mailer/forgot_password.text.erb b/app/views/user_mailer/forgot_password.text.erb index e69de29..cdc672e 100644 --- a/app/views/user_mailer/forgot_password.text.erb +++ b/app/views/user_mailer/forgot_password.text.erb @@ -0,0 +1,7 @@ +Need help logging in? +========================================================== + +To reset your RailsGoat password, simply click on the +following link and follow the instructions: <%= @token %>. + +Thanks, and have a great day! \ No newline at end of file diff --git a/config/initializers/smtp_settings.rb b/config/initializers/smtp_settings.rb index 9fd2765..ecb0901 100644 --- a/config/initializers/smtp_settings.rb +++ b/config/initializers/smtp_settings.rb @@ -3,7 +3,7 @@ ActionMailer::Base.smtp_settings = { :port => 2525, :authentication => :plain, :user_name => ENV['MAILTRAP_USERNAME'], - :password => ENV['MAILTRAP_PASSWORD'], + :password => ENV['MAILTRAP_PASSWORD'] } ActionMailer::Base.delivery_method = :smtp \ No newline at end of file From 1a3d6d690c9afe32f7e4418e06798990641b052a Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Tue, 3 Dec 2013 21:16:44 -0600 Subject: [PATCH 06/11] Update SMTP settings for Mailcatcher --- app/controllers/users_controller.rb | 2 +- config/environments/development.rb | 6 +++++- config/initializers/smtp_settings.rb | 9 --------- 3 files changed, 6 insertions(+), 11 deletions(-) delete mode 100644 config/initializers/smtp_settings.rb diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 9bf5160..2f92c18 100755 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -72,7 +72,7 @@ class UsersController < ApplicationController def generate_token(id, email) hash = Digest::MD5.hexdigest(email) - "#{id}~#{hash}" + "#{id}-#{hash}" end end diff --git a/config/environments/development.rb b/config/environments/development.rb index 9db258d..27e657b 100755 
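Review bot: The reset token returned by `generate_token` is `"#{id}-#{hash}"` with `hash = Digest::MD5.hexdigest(email)`, so it carries no secret, no randomness and no expiry; anyone who knows an account's id and email address can derive it without ever receiving the mail. If this is a deliberate training weakness in this application, say so in the code with a comment such as `# Intentionally weak: token is derivable from id and email` so it is not copied as a pattern. Otherwise generate the value with `SecureRandom.urlsafe_base64(32)`, store a digest of it with a creation timestamp on the user record, and invalidate it after first use or after a short lifetime.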
--- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -34,7 +34,11 @@ Railsgoat::Application.configure do # Expands the lines which load the assets config.assets.debug = true - + + # ActionMailer settings for email support + config.action_mailer.delivery_method = :smtp + config.action_mailer.smtp_settings = { :address => "localhost", :port => 1025 } + config.middleware.insert_before( Rack::Lock, Rack::LiveReload, :min_delay => 500, diff --git a/config/initializers/smtp_settings.rb b/config/initializers/smtp_settings.rb deleted file mode 100644 index ecb0901..0000000 --- a/config/initializers/smtp_settings.rb +++ /dev/null @@ -1,9 +0,0 @@ -ActionMailer::Base.smtp_settings = { - :address => 'mailtrap.io', - :port => 2525, - :authentication => :plain, - :user_name => ENV['MAILTRAP_USERNAME'], - :password => ENV['MAILTRAP_PASSWORD'] -} - -ActionMailer::Base.delivery_method = :smtp \ No newline at end of file From da1845e8f96e8b75ae7dc48788a596acec4d14d0 Mon Sep 17 00:00:00 2001 
From: James Espinosa Date: Wed, 4 Dec 2013 00:57:32 -0600 Subject: [PATCH 07/11] Implement working mailer and controller --- .../javascripts/password_resets.js.coffee | 3 ++ .../stylesheets/password_resets.css.scss | 3 ++ app/controllers/password_resets_controller.rb | 29 ++++++++++++++ app/helpers/password_resets_helper.rb | 2 + app/mailers/user_mailer.rb | 4 +- .../password_resets/reset_password.html.erb | 38 +++++++++++++++++++ .../user_mailer/forgot_password.html.erb | 13 ++++++- .../user_mailer/forgot_password.text.erb | 10 ++++- app/views/users/forgot_password.html.erb | 2 +- config/environments/development.rb | 1 + config/routes.rb | 2 +- .../password_resets_controller_spec.rb | 12 ++++++ spec/helpers/password_resets_helper_spec.rb | 15 ++++++++ .../password_resets/new.html.erb_spec.rb | 5 +++ 14 files changed, 132 insertions(+), 7 deletions(-) create mode 100644 app/assets/javascripts/password_resets.js.coffee create mode 100644 app/assets/stylesheets/password_resets.css.scss create mode 100644 app/controllers/password_resets_controller.rb create mode 100644 app/helpers/password_resets_helper.rb create mode 100644 app/views/password_resets/reset_password.html.erb create mode 100644 spec/controllers/password_resets_controller_spec.rb create mode 100644 spec/helpers/password_resets_helper_spec.rb create mode 100644 spec/views/password_resets/new.html.erb_spec.rb diff --git a/app/assets/javascripts/password_resets.js.coffee b/app/assets/javascripts/password_resets.js.coffee new file mode 100644 index 0000000..7615679 --- /dev/null +++ b/app/assets/javascripts/password_resets.js.coffee @@ -0,0 +1,3 @@ +# Place all the behaviors and hooks related to the matching controller here. +# All this logic will automatically be available in application.js. +# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/ 
diff --git a/app/assets/stylesheets/password_resets.css.scss b/app/assets/stylesheets/password_resets.css.scss
new file mode 100644
index 0000000..8160ad8
--- /dev/null
+++ b/app/assets/stylesheets/password_resets.css.scss
@@ -0,0 +1,3 @@
+// Place all the styles related to the password_resets controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/
diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb
new file mode 100644
index 0000000..1493f99
--- /dev/null
+++ b/app/controllers/password_resets_controller.rb
@@ -0,0 +1,29 @@
+class PasswordResetsController < ApplicationController
+ skip_before_filter :authenticated, :only => [:reset_password]
+
+ def reset_password
+ token = params[:token] unless params[:token].nil?
+
+ if token && is_valid?(token)
+ flash[:success] = "Password reset token confirmed! Please create a new password."
+ #redirect_to :reset_password
+ else
+ flash[:error] = "Invalid password reset token. Please try again."
+ redirect_to :login
+ end
+ end
+
+ private
+
+ def is_valid?(token)
+ if token =~ /(?\d+)-(?[A-Z0-9]{32})/i
+
+ # Fetch the user by their id, and hash their email address
+ user = User.find_by_id($~[:user_id])
+ email = Digest::MD5.hexdigest(user.email)
+
+ # Compare and validate our hashes
+ return true if email == $~[:email_hash]
+ end
+ end
+end
diff --git a/app/helpers/password_resets_helper.rb b/app/helpers/password_resets_helper.rb
new file mode 100644
index 0000000..0c9d96e
--- /dev/null
+++ b/app/helpers/password_resets_helper.rb
@@ -0,0 +1,2 @@
+module PasswordResetsHelper
+end
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
index 1c61b83..209b839 100644
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
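Review bot: `is_valid?` calls `user.email` on the result of `User.find_by_id` without a nil check, so a well-formed token carrying an id that does not exist raises `NoMethodError` and produces a server error instead of the invalid-token redirect. The pattern is also unanchored, so `=~` accepts any string that merely contains an id-hash pair, and the method falls through to `nil` rather than returning `false` on the failure paths. The group names read back through `$~[:user_id]` and `$~[:email_hash]` appear to have been lost from the pattern in this rendering of the patch. A version with anchors, a local match object instead of `$~`, and explicit guards is below; it keeps the existing comparison and does not address how the token itself is derived.

```ruby
def is_valid?(token)
  # Anchor the whole string and keep the match local instead of relying on $~.
  match = /\A(?<user_id>\d+)-(?<email_hash>[A-Z0-9]{32})\z/i.match(token.to_s)
  return false unless match

  # Unknown id: treat as an invalid token instead of raising on nil.
  user = User.find_by_id(match[:user_id])
  return false unless user

  Digest::MD5.hexdigest(user.email) == match[:email_hash]
end
```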
@@ -3,6 +3,8 @@ class UserMailer < ActionMailer::Base def forgot_password(email, token) @token = token - mail(to: "#{email}", subject: "Reset your RailsGoat password") + @url = url_for(controller: "password_resets", action: "reset_password", only_path: false) + "?token=#{token}" + + mail(to: "#{email}", subject: "Reset your MetaCorp password") end end diff --git a/app/views/password_resets/reset_password.html.erb b/app/views/password_resets/reset_password.html.erb new file mode 100644 index 0000000..0cd2fe8 --- /dev/null +++ b/app/views/password_resets/reset_password.html.erb @@ -0,0 +1,38 @@ +
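Review bot: The query string in `forgot_password` is appended by hand with `+ "?token=#{token}"`, which bypasses URL encoding and breaks if the route ever gains query parameters of its own. Passing the value to the helper keeps it encoded: `@url = url_for(controller: "password_resets", action: "reset_password", token: token, only_path: false)`. The `"#{email}"` interpolation in `mail(to: ...)` is redundant and can be `to: email`. Because the token travels in the URL it will also appear in server logs and Referer headers, which is a further reason for it to be single-use and short-lived.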
+

MetaCorp

+

A GoatGroup Company

+
+
+
+ + + + + + + +
+
+
+
\ No newline at end of file diff --git a/app/views/user_mailer/forgot_password.html.erb b/app/views/user_mailer/forgot_password.html.erb index a9f5913..ca2fe76 100644 --- a/app/views/user_mailer/forgot_password.html.erb +++ b/app/views/user_mailer/forgot_password.html.erb @@ -6,8 +6,17 @@

Need help logging in?

- To reset your RailsGoat password, simply click on the - following link and follow the instructions: <%= @token %>.
+ A password reset was requested for your user account.
+
+ + To reset your MetaCorp password, simply click on the + following link and follow the instructions:
+
+ + <%= link_to "Click here to reset your password", @url %>
+
+ + If you don't want to change your password, you can ignore this email.

Thanks, and have a great day!

diff --git a/app/views/user_mailer/forgot_password.text.erb b/app/views/user_mailer/forgot_password.text.erb index cdc672e..92067db 100644 --- a/app/views/user_mailer/forgot_password.text.erb +++ b/app/views/user_mailer/forgot_password.text.erb @@ -1,7 +1,13 @@ Need help logging in? ========================================================== -To reset your RailsGoat password, simply click on the -following link and follow the instructions: <%= @token %>. +A password reset was requested for your user account. + +To reset your MetaCorp password, simply copy the +following link and follow the instructions: + +<%= @url %> + +If you don't want to change your password, you can ignore this email. Thanks, and have a great day! \ No newline at end of file diff --git a/app/views/users/forgot_password.html.erb b/app/views/users/forgot_password.html.erb index 6e7408a..be3d8a3 100644 --- a/app/views/users/forgot_password.html.erb +++ b/app/views/users/forgot_password.html.erb @@ -19,7 +19,7 @@
- <%= submit_tag "Send Forgot Password Email", {:class => "btn btn-danger btn-large"} %> + <%= submit_tag "Reset Password", {:class => "btn btn-danger btn-large"} %>
diff --git a/config/environments/development.rb b/config/environments/development.rb index 27e657b..39b0f53 100755 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -38,6 +38,7 @@ Railsgoat::Application.configure do # ActionMailer settings for email support config.action_mailer.delivery_method = :smtp config.action_mailer.smtp_settings = { :address => "localhost", :port => 1025 } + config.action_mailer.default_url_options = { :host => "localhost:3000" } config.middleware.insert_before( Rack::Lock, Rack::LiveReload, diff --git a/config/routes.rb b/config/routes.rb index 441d118..a9f6e25 100755 --- a/config/routes.rb +++ b/config/routes.rb @@ -4,9 +4,9 @@ Railsgoat::Application.routes.draw do get "signup" => "users#new" get "logout" => "sessions#destroy" match "forgot_password" => "users#forgot_password" + match "password_resets" => "password_resets#reset_password" resources :sessions do - end resources :users do diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb new file mode 100644 index 0000000..41ab485 --- /dev/null +++ b/spec/controllers/password_resets_controller_spec.rb @@ -0,0 +1,12 @@ +require 'spec_helper' + +describe PasswordResetsController do + + describe "GET 'new'" do + it "returns http success" do + get 'new' + response.should be_success + end + end + +end diff --git a/spec/helpers/password_resets_helper_spec.rb b/spec/helpers/password_resets_helper_spec.rb new file mode 100644 index 0000000..a0df3dd --- /dev/null +++ b/spec/helpers/password_resets_helper_spec.rb 
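Review bot: `match "password_resets" => "password_resets#reset_password"` in `config/routes.rb` is declared without `:via`, so the action answers every HTTP verb. The emailed link is followed with GET, so declaring the route as `get "password_resets" => "password_resets#reset_password"`, with a separate `post` route if the reset form submits to the same path, keeps the verb surface explicit. The form's target is not visible in this patch, so confirm which verbs are actually needed before narrowing it.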
@@ -0,0 +1,15 @@ +require 'spec_helper' + +# Specs in this file have access to a helper object that includes +# the PasswordResetsHelper. For example: +# +# describe PasswordResetsHelper do +# describe "string concat" do +# it "concats two strings with spaces" do +# expect(helper.concat_strings("this","that")).to eq("this that") +# end +# end +# end +describe PasswordResetsHelper do + pending "add some examples to (or delete) #{__FILE__}" +end diff --git a/spec/views/password_resets/new.html.erb_spec.rb b/spec/views/password_resets/new.html.erb_spec.rb new file mode 100644 index 0000000..38c6853 --- /dev/null +++ b/spec/views/password_resets/new.html.erb_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe "password_resets/new.html.erb" do + pending "add some examples to (or delete) #{__FILE__}" +end From be0d8f75944a6bbee9ab366942c4f33744fea9b5 Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Wed, 4 Dec 2013 00:59:00 -0600 Subject: [PATCH 08/11] Remove unnecessary comment --- app/controllers/password_resets_controller.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index 1493f99..792a226 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -6,7 +6,6 @@ class PasswordResetsController < ApplicationController if token && is_valid?(token) flash[:success] = "Password reset token confirmed! Please create a new password." - #redirect_to :reset_password else flash[:error] = "Invalid password reset token. Please try again." redirect_to :login From 0318205ecb66fe93ede482aadf5bc076c6dd1520 Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Tue, 10 Dec 2013 22:07:05 -0600 Subject: [PATCH 09/11] Add MailCatcher for SMTP support to Gemfile --- Gemfile | 4 ++-- Gemfile.lock | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index 74972e1..7c1a90c 100755 
--- a/Gemfile +++ b/Gemfile @@ -10,7 +10,6 @@ gem 'rack', '1.4.0' gem 'sqlite3' gem 'foreman' - group :development do gem 'brakeman' gem 'bundler-audit' @@ -50,7 +49,6 @@ group :assets do gem 'uglifier' end - gem 'jquery-rails' # To use ActiveModel has_secure_password @@ -79,3 +77,5 @@ gem 'aruba' gem 'execjs' gem 'therubyracer' +# Add SMTP server support using MailCatcher +gem 'mailcatcher' \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 991949d..6767a28 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -79,6 +79,7 @@ GEM gherkin (~> 2.12) multi_json (>= 1.7.5, < 2.0) multi_test (>= 0.0.2) + daemons (1.1.9) database_cleaner (1.0.1) debug_inspector (0.0.2) diff-lcs (1.2.5) @@ -150,6 +151,15 @@ GEM i18n (>= 0.4.0) mime-types (~> 1.16) treetop (~> 1.4.8) + mailcatcher (0.5.12) + activesupport (~> 3.0) + eventmachine (~> 1.0.0) + haml (>= 3.1, < 5) + mail (~> 2.3) + sinatra (~> 1.2) + skinny (~> 0.2.3) + sqlite3 (~> 1.3) + thin (~> 1.5.0) method_source (0.8.2) mime-types (1.25) multi_json (1.8.2) @@ -172,6 +182,8 @@ GEM rack (>= 0.4) rack-livereload (0.3.15) rack + rack-protection (1.5.1) + rack rack-ssl (1.3.3) rack rack-test (0.6.2) @@ -231,6 +243,13 @@ GEM multi_json simplecov-html (~> 0.7.1) simplecov-html (0.7.1) + sinatra (1.4.4) + rack (~> 1.4) + rack-protection (~> 1.4) + tilt (~> 1.3, >= 1.3.4) + skinny (0.2.3) + eventmachine (~> 1.0.0) + thin (~> 1.5.0) slim (2.0.2) temple (~> 0.6.6) tilt (>= 1.3.3, < 2.1) @@ -246,6 +265,10 @@ GEM therubyracer (0.12.0) libv8 (~> 3.16.14.0) ref + thin (1.5.1) + daemons (>= 1.0.9) + eventmachine (>= 0.12.6) + rack (>= 1.0.0) thor (0.18.1) tilt (1.4.1) timers (1.1.0) @@ -290,6 +313,7 @@ DEPENDENCIES jquery-fileupload-rails jquery-rails launchy + mailcatcher poltergeist powder pry From 76bf8fa45ded24843cae6d3a18816ce0b0d38c6b Mon Sep 17 00:00:00 2001 
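Review bot: `gem 'mailcatcher'` is added at the top level of the Gemfile, so it is installed and loadable in every environment, and the lockfile shows it bringing in sinatra, thin, skinny, rack-protection and daemons alongside the application's own gems. A mail-capture tool has no role outside development, so it belongs inside the existing `group :development do` block, or installed outside Bundler as a standalone tool so its dependency constraints cannot collide with the app's pinned versions. The comment above it could then read `# Development-only SMTP sink (MailCatcher)`.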
From: James Espinosa Date: Tue, 10 Dec 2013 22:35:42 -0600 Subject: [PATCH 10/11] Update README to include MailCatcher notes --- README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/README.md b/README.md index 680cbd0..bb79789 100755 --- a/README.md +++ b/README.md @@ -69,6 +69,27 @@ $ rake training NOTE: As vulnerabilities are fixed in the application, these specs will not change to `passing`, but to `pending`. +## Processing Email + +In order for RailsGoat to effectively process email, you will first need to run MailCatcher, an SMTP server that will intercept email messages and display them in a web interface. + +To start an instance of MailCatcher, simply run: + +``` +$ mailcatcher +``` + +If successful, you should see the following output: + +``` +Starting MailCatcher +==> smtp://127.0.0.1:1025 +==> http://127.0.0.1:1080 +*** MailCatcher runs as a daemon by default. Go to the web interface to quit. +``` + +Alternatively, you can run MailCatcher in the foreground by running `mailcatcher -f` in your terminal. + ## Contributing As changes are made to the application, the Capybara RSpecs can be used to verify that the vulnerabilities in the application are still intact. To use them in this way, and have them `pass` instead of `fail`, set the `RAILSGOAT_MAINTAINER` environment variable. From bfa3467107c1a334a495a10a97d3f4c7e989664f Mon Sep 17 00:00:00 2001 From: James Espinosa Date: Tue, 10 Dec 2013 23:08:46 -0600 Subject: [PATCH 11/11] Remove default RSpec tests to fix build --- spec/controllers/password_resets_controller_spec.rb | 13 +------------ spec/mailers/user_mailer_spec.rb | 6 +----- 2 files changed, 2 insertions(+), 17 deletions(-) diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb index 41ab485..335cafc 100644 --- a/spec/controllers/password_resets_controller_spec.rb +++ b/spec/controllers/password_resets_controller_spec.rb 
@@ -1,12 +1 @@ -require 'spec_helper' - -describe PasswordResetsController do - - describe "GET 'new'" do - it "returns http success" do - get 'new' - response.should be_success - end - end - -end +require 'spec_helper' \ No newline at end of file diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb index 8d004b3..a79b75f 100644 --- a/spec/mailers/user_mailer_spec.rb +++ b/spec/mailers/user_mailer_spec.rb @@ -1,5 +1 @@ -require "spec_helper" - -describe UserMailer do - pending "add some examples to (or delete) #{__FILE__}" -end +require "spec_helper" \ No newline at end of file