employee login and authentication with session
@@ -1,6 +1,8 @@
|
||||
class Api::Restaurant::RoomsController < ActionController::API
|
||||
before_action :set_room, only: [:show]
|
||||
|
||||
def index
|
||||
render json: SeatTable.order("order_by")
|
||||
render json: Room.active.order("order_by")
|
||||
end
|
||||
|
||||
# Description
|
||||
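Review bot: Nothing in the visible lines of this controller authenticates the caller: it inherits from `ActionController::API`, the only callback is `set_room`, and `index` renders every active room to whoever asks. The same commit adds `Employee.authenticate_by_token`, so a callback in front of these actions could use it, e.g. `before_action { head :unauthorized unless Employee.authenticate_by_token(request.headers['Authorization']) }` (where the client sends the token is not shown on this page, so the header is a guess). The Seatings and Zones controllers below have the same gap. The class body continues outside this hunk, so a filter defined further down or in a concern would change this.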
@@ -11,11 +13,15 @@ class Api::Restaurant::RoomsController < ActionController::API
|
||||
|
||||
end
|
||||
|
||||
#Input Params
|
||||
# table_id: table_id
|
||||
# Output
|
||||
# status: error | success, error_message: <Problem with moving table>
|
||||
def update
|
||||
def bill
|
||||
end
|
||||
|
||||
def move
|
||||
end
|
||||
|
||||
private
|
||||
# Use callbacks to share common setup or constraints between actions.
|
||||
def set_room
|
||||
@table = Room.find(params[:id])
|
||||
end
|
||||
end
|
||||
|
||||
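Review bot: `set_room` stores the record in `@table` (`@table = Room.find(params[:id])`); in a rooms controller `@room` would say what the variable holds and would stop a copy from the seatings controller from confusing later readers. `bill` and `move` are empty, so they answer with no body while the comment above them promises `status: error | success`; until they are implemented, `head :not_implemented` would make that explicit to API clients. The class starts outside this hunk.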
@@ -1,6 +1,8 @@
|
||||
class Api::Restaurant::SeatingsController < ActionController::API
|
||||
before_action :set_table, only: [:show]
|
||||
|
||||
def index
|
||||
render json: Zone.order("order_by")
|
||||
render json: Table.active.order("order_by")
|
||||
end
|
||||
|
||||
# Description
|
||||
@@ -11,11 +13,16 @@ class Api::Restaurant::SeatingsController < ActionController::API
|
||||
|
||||
end
|
||||
|
||||
#Input Params
|
||||
# table_id: table_id
|
||||
# Output
|
||||
# status: error | success, error_message: <Problem with moving table>
|
||||
def update
|
||||
def bill
|
||||
end
|
||||
|
||||
def move
|
||||
end
|
||||
|
||||
private
|
||||
# Use callbacks to share common setup or constraints between actions.
|
||||
def set_table
|
||||
@table = Table.find(params[:id])
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
class Api::Restaurant::ZonesController < ActionController::API
|
||||
|
||||
def index
|
||||
render json: Zone.where("is_active = true")
|
||||
render json: Zone.includes([:tables, :rooms]).where("is_active = true")
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
JSONclass ApplicationController < ActionController::Base
|
||||
class ApplicationController < ActionController::Base
|
||||
#before_action :check_installation
|
||||
protect_from_forgery with: :exception
|
||||
|
||||
|
||||
@@ -28,11 +28,9 @@ class Settings::EmployeesController < ApplicationController
|
||||
|
||||
respond_to do |format|
|
||||
if @employee.save
|
||||
format.html { redirect_to @employee, notice: 'Employee was successfully created.' }
|
||||
format.json { render :show, status: :created, location: @employee }
|
||||
format.html { redirect_to settings_employees_path, notice: 'Employee was successfully created.' }
|
||||
else
|
||||
format.html { render :new }
|
||||
format.json { render json: @employee.errors, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -42,11 +40,9 @@ class Settings::EmployeesController < ApplicationController
|
||||
def update
|
||||
respond_to do |format|
|
||||
if @employee.update(employee_params)
|
||||
format.html { redirect_to @employee, notice: 'Employee was successfully updated.' }
|
||||
format.json { render :show, status: :ok, location: @employee }
|
||||
format.html { redirect_to settings_employee_path(@employee), notice: 'Employee was successfully updated.' }
|
||||
else
|
||||
format.html { render :edit }
|
||||
format.json { render json: @employee.errors, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -56,8 +52,7 @@ class Settings::EmployeesController < ApplicationController
|
||||
def destroy
|
||||
@employee.destroy
|
||||
respond_to do |format|
|
||||
format.html { redirect_to employees_url, notice: 'Employee was successfully destroyed.' }
|
||||
format.json { head :no_content }
|
||||
format.html { redirect_to settings_employees_url, notice: 'Employee was successfully destroyed.' }
|
||||
end
|
||||
end
|
||||
|
||||
@@ -69,6 +64,6 @@ class Settings::EmployeesController < ApplicationController
|
||||
|
||||
# Never trust parameters from the scary internet, only allow the white list through.
|
||||
def employee_params
|
||||
params.require(:employee).permit(:name, :role, :password)
|
||||
params.require(:employee).permit(:name, :role, :emp_id, :password)
|
||||
end
|
||||
end
|
||||
|
||||
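Review bot: `employee_params` now lets the request body set `emp_id` as well as `role`, and `emp_id` is the identifier `Employee.login` looks the account up by. No authorization check is visible in these hunks (the controller's filters lie outside them, and `check_installation` is commented out in ApplicationController), so it is worth confirming that only an administrator can reach `create` and `update`. If ordinary employees can edit their own record, permit `:name, :password` for everyone and add `:role, :emp_id` only when the caller is allowed to change identity and privilege.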
@@ -1,2 +0,0 @@
|
||||
module EmployeesHelper
|
||||
end
|
||||
@@ -1,2 +0,0 @@
|
||||
module HomeHelper
|
||||
end
|
||||
@@ -1,2 +0,0 @@
|
||||
module InstallHelper
|
||||
end
|
||||
@@ -1,7 +1,8 @@
|
||||
class Booking < ApplicationRecord
|
||||
|
||||
belongs_to :dining_facility
|
||||
belongs_to :dining_facility, :optional => true
|
||||
belongs_to :sale, :optional => true
|
||||
has_many :booking_orders
|
||||
|
||||
|
||||
end
|
||||
|
||||
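--- a/app/models/booking_order.rb
+++ b/app/models/booking_order.rb
@@ -0,0 +1,4 @@
+class BookingOrder < ApplicationRecord
+belongs_to :booking
+belongs_to :order
+end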
@@ -1,3 +1,6 @@
|
||||
class DiningFacility < ApplicationRecord
|
||||
belongs_to :zone
|
||||
|
||||
scope :active, -> {where(is_active: true)}
|
||||
|
||||
end
|
||||
|
||||
@@ -1,17 +1,55 @@
|
||||
class Employee < ApplicationRecord
|
||||
include BCrypt
|
||||
has_secure_password
|
||||
|
||||
#attr_accessor :password
|
||||
|
||||
validates_presence_of :name, :role, :password
|
||||
validates_presence_of :name, :role
|
||||
validates_presence_of :password, :on => [:create]
|
||||
validates :emp_id, uniqueness: true, numericality: true, length: {in: 1..4}, allow_blank: true
|
||||
validates :password, numericality: true, length: {in: 3..9}, allow_blank: true
|
||||
|
||||
|
||||
def password
|
||||
@password ||= Password.new(password_hash)
|
||||
def self.login(emp_id, password)
|
||||
user = Employee.find_by_emp_id(emp_id).authenticate(password)
|
||||
|
||||
Rails.logger.debug user
|
||||
|
||||
if (user)
|
||||
user.generate_token
|
||||
user.session_expiry = DateTime.now.utc + 30.minutes
|
||||
user.session_last_login = DateTime.now.utc
|
||||
user.save
|
||||
|
||||
return user
|
||||
end
|
||||
return nil
|
||||
|
||||
end
|
||||
|
||||
def password=(new_password)
|
||||
@password = Password.create(new_password)
|
||||
self.encrypted_access_code = @password
|
||||
def self.authenticate_by_token(session_token)
|
||||
user = Employee.find_by_token_session(session_token)
|
||||
if user && user.session_expiry.utc > DateTime.now.utc
|
||||
#Extend the login time each time authenticatation take place
|
||||
user.session_expiry = DateTime.now.utc + 30.minutes
|
||||
user.save
|
||||
return true
|
||||
else
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
||||
def self.logout(session_token)
|
||||
user = Employee.find_by_token_session(session_token)
|
||||
if user
|
||||
user.token_session = nil
|
||||
user.session_expiry = nil
|
||||
user.save
|
||||
end
|
||||
end
|
||||
|
||||
def generate_token
|
||||
update_column :token_session, SecureRandom.hex(10)
|
||||
rescue ActiveRecord::RecordNotUnique
|
||||
retry
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
|
||||
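Review bot: `self.login` calls `.authenticate` directly on the result of `find_by_emp_id`, so an unknown `emp_id` raises NoMethodError instead of returning nil, and a caller can tell "no such employee" from "wrong password". Look the record up first and guard it: `user = Employee.find_by(emp_id: emp_id)` followed by `return nil unless user && user.authenticate(password)`. `Rails.logger.debug user` should be dropped as well, since logging the record writes its inspected attributes, `password_digest` included, to the debug log. In `authenticate_by_token` and `logout`, a nil `session_token` makes `find_by_token_session` match an employee whose token is NULL, and `user.session_expiry.utc` then raises on nil, so both should return early when `session_token.blank?`. `generate_token` retries on `RecordNotUnique` without a bound, and the migration in this commit creates no unique index on `token_session`, so that rescue cannot fire as written.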
@@ -1,4 +0,0 @@
|
||||
class RoomBookingOrder < ApplicationRecord
|
||||
belongs_to :room_booking
|
||||
belongs_to :order
|
||||
end
|
||||
@@ -1,4 +0,0 @@
|
||||
class TableBookingOrder < ApplicationRecord
|
||||
belongs_to :table_booking
|
||||
belongs_to :order
|
||||
end
|
||||
@@ -1,2 +0,0 @@
|
||||
json.extract! employee, :id, :name, :role, :encrypted_access_code, :created_at, :updated_at
|
||||
json.url employee_url(employee, format: :json)
|
||||
@@ -4,6 +4,7 @@
|
||||
<div class="form-inputs">
|
||||
<%= f.input :name %>
|
||||
<%= f.input :role, :collection => Lookup.collection_of("employee_roles") %>
|
||||
<%= f.input :emp_id, :as => :integer, :label => "Employee Numberic ID (*Unique)" %>
|
||||
<%= f.input :password %>
|
||||
|
||||
</div>
|
||||
|
||||
@@ -1,6 +1,11 @@
|
||||
<h1>Editing Employee</h1>
|
||||
|
||||
<div class="span12">
|
||||
<div class="page-header">
|
||||
<ul class="breadcrumb">
|
||||
<li><a href="<%= root_path %>">Home</a></li>
|
||||
<li><a href="<%= settings_employees_path %>">Employees</a></li>
|
||||
<li>Edit</li>
|
||||
</ul>
|
||||
</div>
|
||||
<%= render 'form', employee: @employee %>
|
||||
|
||||
<%= link_to 'Show', @employee %> |
|
||||
<%= link_to 'Back', employees_path %>
|
||||
</div>
|
||||
|
||||
@@ -13,20 +13,19 @@
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Role</th>
|
||||
<th colspan="3"></th>
|
||||
<th style="width:40%">Name</th>
|
||||
<th style="width:40%">Role</th>
|
||||
<th style="width:20%">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<% @employees.each do |employee| %>
|
||||
<tr>
|
||||
<td><%= employee.name %></td>
|
||||
<td><%= link_to employee.name, employee[:setting] %></td>
|
||||
<td><%= employee.role %></td>
|
||||
<td><%= link_to 'Show', employee[:setting] %></td>
|
||||
<td><%= link_to 'Edit', edit_settings_employee_path(employee) %></td>
|
||||
<td><%= link_to 'Destroy', employee[:setting], method: :delete, data: { confirm: 'Are you sure?' } %></td>
|
||||
<td>
|
||||
<%= link_to 'Edit', edit_settings_employee_path(employee) %> | <%= link_to 'Destroy', employee[:setting], method: :delete, data: { confirm: 'Are you sure?' } %></td>
|
||||
</tr>
|
||||
<% end %>
|
||||
</tbody>
|
||||
|
||||
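Review bot: The Destroy link in the new Action cell targets `employee[:setting]`, which is an attribute read on the record and not a route helper; unless Employee really has a `setting` column, the DELETE request will not be addressed to that employee. The Edit link beside it already uses a helper, so the matching form would be `link_to 'Destroy', settings_employee_path(employee), method: :delete, data: { confirm: 'Are you sure?' }`. The name link in the first column uses the same expression and needs the same change. The table markup continues outside this hunk.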
@@ -1 +0,0 @@
|
||||
json.array! @employees, partial: 'employees/employee', as: :employee
|
||||
@@ -1 +0,0 @@
|
||||
json.partial! "employees/employee", employee: @employee
|
||||
@@ -18,13 +18,24 @@ Rails.application.routes.draw do
|
||||
|
||||
namespace :restaurant do
|
||||
get 'zones' => "zones#index"
|
||||
get 'tables' => "#index"
|
||||
|
||||
resources :seatings, only:[:index, :show] do
|
||||
post 'bill' => "seatings#create"
|
||||
post 'move' => "seatings#move"
|
||||
end
|
||||
|
||||
resources :rooms, only:[:index, :show] do
|
||||
post 'bill' => "seatings#create"
|
||||
post 'move' => "seatings#move"
|
||||
end
|
||||
|
||||
#Menu Related api
|
||||
resources :menu, only: [:index, :show] do
|
||||
resources :menu_categories, only: [:index]
|
||||
resources :menu_items, only: [:index, :show]
|
||||
resources :menu_sold_out, only: [:index]
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
#Order Controller
|
||||
|
||||
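Review bot: Both `bill` routes dispatch to `seatings#create`, but the controllers in this commit define `bill` and `move` and no `create` action is visible, so a POST to either path would fail with an unknown action. The routes nested under `resources :rooms` also point at the seatings controller, which means a room id would be handled by table code; `post 'bill' => "rooms#bill"` and `post 'move' => "rooms#move"` there, and `post 'bill' => "seatings#bill"` in the seatings block, would match the actions that exist. These nested routes pass the parent id as `params[:seating_id]` or `params[:room_id]`, not `params[:id]`, which the `set_table`/`set_room` callbacks would need to read if they are extended to these actions. The `draw` block starts and ends outside this hunk.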
@@ -3,8 +3,11 @@ class CreateEmployees < ActiveRecord::Migration[5.0]
|
||||
create_table :employees do |t|
|
||||
t.string :name, :null => false
|
||||
t.string :role, :null => false, :default => "cashier"
|
||||
t.string :encrypted_access_code, :null => false
|
||||
|
||||
t.string :emp_id, :null => false
|
||||
t.string :password_digest, :null => false
|
||||
t.string :token_session
|
||||
t.datetime :session_expiry
|
||||
t.datetime :session_last_login
|
||||
t.timestamps
|
||||
end
|
||||
end
|
||||
|
||||
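Review bot: The new `emp_id` and `token_session` columns get no index, yet the model relies on both being unique: `validates :emp_id, uniqueness: true` is only an application-level check that can race, and `generate_token` rescues `ActiveRecord::RecordNotUnique`, which only a database constraint can raise. Adding `add_index :employees, :emp_id, unique: true` and `add_index :employees, :token_session, unique: true` after the `create_table` block would enforce both and turn the per-request token lookup into an index hit. `emp_id` is also `:null => false` here while the model validates it with `allow_blank: true`, so a missing ID passes validation and then fails at insert. This hunk edits the existing CreateEmployees migration, so a database that already ran it will not pick up the columns; `def change` starts outside the hunk.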
@@ -1,10 +0,0 @@
|
||||
class CreateTableBookingOrders < ActiveRecord::Migration[5.0]
|
||||
def change
|
||||
create_table :table_booking_orders do |t|
|
||||
t.references :table_booking
|
||||
t.references :order, foreign_key: true
|
||||
|
||||
t.timestamps
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,10 +0,0 @@
|
||||
class CreateRoomBookingOrders < ActiveRecord::Migration[5.0]
|
||||
def change
|
||||
create_table :room_booking_orders do |t|
|
||||
t.references :room_booking
|
||||
t.references :order, foreign_key: true
|
||||
|
||||
t.timestamps
|
||||
end
|
||||
end
|
||||
end
|
||||
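--- a/db/migrate/20170414110918_create_booking_orders.rb
+++ b/db/migrate/20170414110918_create_booking_orders.rb
@@ -0,0 +1,10 @@
+class CreateBookingOrders < ActiveRecord::Migration[5.0]
+def change
+create_table :booking_orders do |t|
+t.references :booking, foreign_key: true
+t.references :order, foreign_key: true
+
+t.timestamps
+end
+end
+end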
@@ -1,5 +1,5 @@
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe RoomBookingOrder, type: :model do
|
||||
RSpec.describe BookingOrder, type: :model do
|
||||
pending "add some examples to (or delete) #{__FILE__}"
|
||||
end
|
||||
@@ -1,5 +0,0 @@
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe TableBookingOrder, type: :model do
|
||||
pending "add some examples to (or delete) #{__FILE__}"
|
||||
end
|
||||