vedia/vote.rb

require 'bundler/setup'
require 'sinatra'
require 'sinatra/activerecord'
require 'bcrypt'
require 'securerandom'

#set :database, 'sqlite3:db/vote.sqlite3'

class Vote < ActiveRecord::Base
  self.primary_key = "secure_id"
  has_many :candidates
end

class Candidate < ActiveRecord::Base
  belongs_to :vote
end

def hash_password(password)
  BCrypt::Password.create(password).to_s
end

def verify_password(password, hash)
  BCrypt::Password.new(hash) == password
end

User = Struct.new(:id, :email, :password_hash)
USERS = [
  User.new(1, 'P1', hash_password('P1')),
  User.new(2, 'P2', hash_password('P2')),
  User.new(3, 'P3', hash_password('P3')),
]

enable :sessions

get '/' do
  redirect '/login' unless current_user
  @votes = Vote.all
  erb :home
end

get '/login' do
  erb :login
end

post '/login' do
  user = USERS.find { |u| u.email == params[:email] }
  if user && verify_password(params[:password], user.password_hash)
    session.clear
    session[:user_id] = user.id
    redirect '/'
  else
    @error = 'Username or password was incorrect'
    erb :login
  end
end

post '/logout' do
  session.clear
  redirect '/login'
end

get '/votes/new' do
  erb :votes_new
end

get '/votes/:id' do
  @vote = Vote.find(params[:id])
  erb :votes_show
end

post '/votes' do
  @vote = Vote.create(secure_id: SecureRandom.hex(8),
                      title: params[:title],
                      description: params[:description])
  redirect '/votes/' + @vote.secure_id
end

post '/votes/:id/candidates' do
  @vote = Vote.find(params[:id])
  @candidate = Candidate.new(name: params[:name],
                             description: params[:description])
  @candidate.vote = @vote
  @candidate.save
  redirect '/votes/' + @vote.secure_id
end

helpers do
  def current_user
    if session[:user_id]
       USERS.find { |u| u.id == session[:user_id] }
    else
      nil
    end
  end
end