add auth token

app/controllers/application_controller.rb

@@ -2,6 +2,21 @@ class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :null_session
+  before_action :authenticate_user_from_token!
   before_action :authenticate_user! #unless Rails.env.test?
 
+
+  private
+
+  def authenticate_user_from_token!
+    user_token = params[:user_token].presence
+    user = user_token && User.find_by_authentication_token(user_token.to_s)
+
+    if user
+      sign_in user, store: false
+    end
+
+  end
+
+
 end

app/controllers/campaigns_controller.rb

@@ -36,7 +36,7 @@ class CampaignsController < ApplicationController
 
   def update
     if @campaign.update(campaign_params)
-      redirect_to @campaign, notice: 'Campaign was successfully updated.'
+      redirect_to campaign_path(@campaign.clientid), notice: 'Campaign was successfully updated.'
     else
       render action: 'edit'
     end

app/models/campaign.rb

@@ -6,4 +6,5 @@ class Campaign < ActiveRecord::Base
   validates :listingcode, presence: true, uniqueness: true
   validates :advertisername, presence: true
   validates :websiteurl, presence: true
+
 end

app/models/user.rb

@@ -6,5 +6,20 @@ class User < ActiveRecord::Base
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable
 
+  before_save :ensure_authentication_token
+
+  def ensure_authentication_token
+    if authentication_token.blank?
+      self.authentication_token = generate_authentication_token
+    end
+  end
+
+  def generate_authentication_token
+    loop do
+      token = Devise.friendly_token
+      break token unless User.where(authentication_token: token).first
+    end
+  end
+
 
 end

app/models/videolisting.rb

@@ -3,4 +3,7 @@ class Videolisting < ActiveRecord::Base
   validates :videocode, presence: true, uniqueness: true
   validates :producttypeid, presence: true
 
+  def asseturls_array
+    self.asseturls.split(',').collect(&:strip)
+  end
 end

app/views/campaigns/_form.html.erb

@@ -1,4 +1,4 @@
-<%= simple_form_for(@campaign, html: {class: 'form-horizontal'}) do |frm| %>
+<%= simple_form_for(@campaign, url: campaign_path(@campaign.clientid), html: {class: 'form-horizontal'}) do |frm| %>
     <div class="row">
       <div class="col-md-1"></div>
 

app/views/campaigns/index.json.jbuilder

@@ -0,0 +1,31 @@
+json.campaigns @campaigns do |campaign|
+  json.clientid campaign.clientid
+  json.listingcode campaign.listingcode
+  json.billingcode campaign.billingcode
+  json.advertisername campaign.advertisername
+  json.address1 campaign.address1
+  json.address2 campaign.address2
+  json.city campaign.city
+  json.state campaign.state
+  json.zip campaign.zip
+  json.emailaddress campaign.emailaddress
+  json.customerfirstname campaign.customerfirstname
+  json.customerlastname campaign.customerlastname
+  json.salesrep campaign.salesrep
+  json.salesrepemail campaign.salesrepemail
+  json.businessphone campaign.businessphone
+  json.contactphone campaign.contactphone
+  json.websiteurl campaign.websiteurl
+  json.videolistings campaign.videolistings.each do |videolisting|
+    json.videocode videolisting.videocode
+    json.producttypeid videolisting.producttypeid
+    json.remoteassetsarchive videolisting.remoteassetsarchive
+    json.voiceoverselection videolisting.voiceoverselection
+    json.musicselection videolisting.musicselection
+    json.clientprovidedscript videolisting.clientprovidedscript
+    json.keywords videolisting.keywords
+    json.focus videolisting.focus
+    json.notes videolisting.notes
+    json.asseturls videolisting.asseturls_array
+  end
+end

app/views/campaigns/show.json.jbuilder

@@ -1,4 +1,4 @@
-json.campaigns @campaigns do |campaign|
+json.campaigns @campaign do |campaign|
   json.clientid campaign.clientid
   json.listingcode campaign.listingcode
     json.billingcode campaign.billingcode

config/routes.rb

@@ -3,7 +3,7 @@ Vidpush::Application.routes.draw do
   if Rails.env.production?
     devise_for :users, :controllers => {registrations: "registrations"}
   else
-    devise_for :users, :controllers => {registrations: "registrations"}
+    devise_for :users
 
   end
 

db/migrate/20140415154137_change_asseturls_in_videolisting.rb

@@ -0,0 +1,9 @@
+class ChangeAsseturlsInVideolisting < ActiveRecord::Migration
+  def up
+    change_column :videolistings, :asseturls, :string, array: false
+  end
+
+  def down
+    change_column :videolistings, :asseturls, :string, array: true
+  end
+end

db/migrate/20140415165549_add_authentication_token_to_users.rb

@@ -0,0 +1,5 @@
+class AddAuthenticationTokenToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :authentication_token, :string
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20140409152531) do
+ActiveRecord::Schema.define(version: 20140415165549) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -86,6 +86,7 @@ ActiveRecord::Schema.define(version: 20140409152531) do
     t.datetime "last_sign_in_at"
     t.string   "current_sign_in_ip"
     t.string   "last_sign_in_ip"
+    t.string   "authentication_token"
   end
 
   add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
@@ -101,7 +102,7 @@ ActiveRecord::Schema.define(version: 20140409152531) do
     t.string   "keywords"
     t.string   "focus"
     t.string   "notes"
-    t.string   "asseturls",            default: [], array: true
+    t.string   "asseturls",            default: "{}"
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer  "campaign_id"