undid some mistakes
@@ -3,14 +3,14 @@ class SessionsController < ApplicationController
|
|||||||
skip_before_filter :authenticated, :only => [:new, :create]
|
skip_before_filter :authenticated, :only => [:new, :create]
|
||||||
|
|
||||||
def new
|
def new
|
||||||
redirect_to dashboard_home_path(:dashboard_id => current_user.id) if current_user && current_user.id
|
redirect_to home_dashboard_index_path if current_user
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
user = User.authenticate(params[:email], params[:password])
|
user = User.authenticate(params[:email], params[:password])
|
||||||
if user
|
if user
|
||||||
session[:id] = user.id if User.where(:id => user.id).exists?
|
session[:id] = user.id if User.where(:id => user.id).exists?
|
||||||
redirect_to dashboard_home_path(:dashboard_id => user.id)
|
redirect_to home_dashboard_index_path
|
||||||
else
|
else
|
||||||
render "new"
|
render "new"
|
||||||
end
|
end
|
||||||
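Review bot: `create` writes `session[:id] = user.id` into the existing session without rotating it first, so a session established before login stays in use after authentication (session fixation). Calling `reset_session` immediately before the assignment closes that. Separately, the `User.where(:id => user.id).exists?` guard covers only the assignment; `redirect_to home_dashboard_index_path` on the next line runs whether or not the session was set, so the guard should either wrap both lines or be dropped. `create` continues past the end of the hunk.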
|
|||||||
@@ -1,2 +1,8 @@
|
|||||||
class TutorialsController < ApplicationController
|
class TutorialsController < ApplicationController
|
||||||
|
|
||||||
|
skip_before_filter :authenticated
|
||||||
|
|
||||||
|
def injection
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
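Review bot: `skip_before_filter :authenticated` has no `:only` list here, unlike the one in SessionsController, so any action later added to TutorialsController is reachable without login by default. An explicit allowlist keeps that decision visible per action: `skip_before_filter :authenticated, :only => [:injection]`, extended as the other tutorial pages get actions. The routes change in this commit declares six tutorial pages while only `injection` is defined here; the others presumably rely on implicit template rendering, which deserves a short comment in the class.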
|
|||||||
@@ -10,7 +10,7 @@ class UsersController < ApplicationController
|
|||||||
user = User.new(params[:user])
|
user = User.new(params[:user])
|
||||||
if user.save
|
if user.save
|
||||||
session[:id] = user.id
|
session[:id] = user.id
|
||||||
redirect_to dashboard_home_path(:dashboard_id => user.id)
|
redirect_to home_dashboard_index_path
|
||||||
else
|
else
|
||||||
@user = User.new
|
@user = User.new
|
||||||
render :new
|
render :new
|
||||||
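Review bot: `User.new(params[:user])` passes the whole request hash to the model, so which attributes a sign-up request may set depends entirely on protection declared in `User`, and that is not visible in this hunk. If the model has no `attr_accessible` allowlist, fields that never appear on the form can still be set by the client. Either confirm the allowlist exists or slice the hash down to the sign-up fields before calling `User.new`. The enclosing action starts above the hunk and ends below it.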
|
|||||||
@@ -11,12 +11,7 @@
|
|||||||
<ul class="dropdown-menu pull-right">
|
<ul class="dropdown-menu pull-right">
|
||||||
<li>
|
<li>
|
||||||
<a href="#">
|
<a href="#">
|
||||||
Edit Profile
|
account settings
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href="#">
|
|
||||||
Account Settings
|
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
<li>
|
<li>
|
||||||
|
|||||||
@@ -0,0 +1,31 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>RailsGoat</title>
|
||||||
|
<%= stylesheet_link_tag "application", :media => "all" %>
|
||||||
|
<%= javascript_include_tag "application" %>
|
||||||
|
<%#= csrf_meta_tags %> <!-- <~ What is this for? I hear it helps w/ JS and Sea-surfing.....whatevz -->
|
||||||
|
|
||||||
|
<script type="text/javascript" src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
|
||||||
|
<!--[if lte IE 7]>
|
||||||
|
<script src="assets/fonts/lte-ie7.js">
|
||||||
|
</script>
|
||||||
|
<![endif]-->
|
||||||
|
|
||||||
|
<!-- Google Visualization JS -->
|
||||||
|
<script type="text/javascript" src="https://www.google.com/jsapi"></script>
|
||||||
|
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<%= render "layouts/tutorial/header" %>
|
||||||
|
<%= render "layouts/tutorial/sidebar" %>
|
||||||
|
|
||||||
|
<div class="container-fluid">
|
||||||
|
<div class="dashboard-wrapper">
|
||||||
|
<%= yield %>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<%= render "layouts/shared/footer" %>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
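Review bot: `<%#= csrf_meta_tags %>` is commented out, so pages using this layout carry no CSRF token for the Rails JavaScript helpers to send, and non-GET Ajax requests either fail verification or depend on verification being disabled elsewhere. Restore it as `<%= csrf_meta_tags %>`; if leaving it out is deliberate for the tutorial pages, the HTML comment should say so instead of the current remark. The html5shiv `<script>` is also loaded over plain `http://` from a third-party host, which lets anyone on the network path alter the script; serve it from the asset pipeline or at least over `https://`.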
+12
-3
@@ -13,11 +13,20 @@ resources :users do
|
|||||||
end
|
end
|
||||||
|
|
||||||
resources :tutorials do
|
resources :tutorials do
|
||||||
|
collection do
|
||||||
|
get "injection"
|
||||||
|
get "xss"
|
||||||
|
get "broken_auth"
|
||||||
|
get "insecure_doa"
|
||||||
|
get "csrf"
|
||||||
|
get "security"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
resources :dashboard do
|
resources :dashboard do
|
||||||
get "home" => "dashboard#home"
|
collection do
|
||||||
|
get "home"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
root :to => "sessions#new"
|
root :to => "sessions#new"
|
||||||
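Review bot: `resources :tutorials do` still generates the standard REST routes (index, show, create, update, destroy and so on) on top of the six collection pages, for a controller that skips authentication. Limiting the resource keeps the routed surface to the pages that exist: `resources :tutorials, :only => [] do`; the same likely applies to `resources :dashboard` if `home` is its only page. `get "insecure_doa"` may be a typo, since the other entries read like vulnerability categories; worth confirming before templates and links depend on the name. The routes block starts and ends outside the hunk.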
|
|||||||