CSC/ECE 517 Fall 2021 - E2129. Refactor auth controller.rb & password retrieval controller.rb: Difference between revisions

From Expertiza_Wiki
Revision as of 00:55, 21 October 2021

E2129: Refactor auth_controller.rb & password_retrieval_controller.rb

Relevant links

  1. GitHub: https://github.com/smanishs175/expertiza.git
  2. VCL Deployment: 152.7.176.119:8080 (Please note: if the VCL deployment gives a timeout error, contact the authors)

About Expertiza

Expertiza is an open source project based on the Ruby on Rails framework. It is a web-based program that allows instructors to create and update/edit assignments/tasks and then assign them to students. Students can then submit, edit, and update their assignments, as well as peer review other students' assignments.

Description Of Current Project

Our goal for this project is to refactor certain files (auth_controller.rb and password_retrieval_controller.rb) to follow essential Ruby on Rails design principles. Since this is a refactoring project, all RSpec test cases must result in the same behavior as before, with no changes to the overall functionality of the code.

Files Modified/Added

Two controller files were modified for this project:

  1. auth_controller.rb (expertiza/app/controllers/auth_controller.rb)
  2. password_retrieval_controller.rb (expertiza/app/controllers/password_retrieval_controller.rb)

One RSpec file was added to help test filters:

  1. filters.rb (expertiza/spec/support/matchers/filters.rb)

auth_controller.rb

The auth_controller handles user authentication when users try to log in. Spelling needed to be adjusted to American style. Some comments were added, and logger calls were moved into before/after filters.

Problem 1

Check for the spelling. Use American spellings. For example, self.authorised? should be self.authorized?. Check for similar spelling issues.

Solution 1

We have made the spelling changes as required. We changed Authorised to Authorized.

Problem 2

In line 79, I don’t understand why both branches of the conjunction are needed; there should be a comment explaining this.

Solution 2

We have added the comment "Checking if both places have same params".

Problem 3

Calls to logger should be written as before_ or after_filters on a method whenever possible.

Solution 3

About Filters

Rails filters are methods that run before or after a controller's action method is executed. They are helpful when you want to ensure that a given block of code runs whichever action method is called.

Rails supports three types of filter methods:

before filters, after filters, and around filters

Reason for the need of Filters in Authentication Controller

Calls to the logger should be written as filters because a call to a logger tends to be a full line of code. If we put that line everywhere the logger needs to be called, the logger text distracts from the rest of the work done by the method and pollutes the code. With an after_action, the call happens automatically when the method finishes, without having to appear in the method at all. This is a cleaner way of calling the logger and an instance of the Separation of Responsibility principle.



The following filters were added to control when the method calls run:

  1. before_action :action_allowed?, only: [:login, :login_failed, :google_login]
  2. after_action :action_allowed?, only: [:logout]
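
An added example, not Expertiza's code: a plain-Ruby stand-in for the filter chain (MiniController and DemoAuthController are hypothetical names) showing logging moved out of the action bodies. It also models one Rails behavior that matters for audit logs: when a before filter halts the request, after filters are skipped, so a refused request has to be logged inside the halting filter.

```ruby
class MiniController # plain-Ruby stand-in for Rails filters, not Rails itself
  def self.filters
    @filters ||= { before: [], after: [] }
  end

  %i[before after].each do |kind|
    define_singleton_method("#{kind}_action") { |name, only:| filters[kind] << [name, only] }
  end

  def process(action)
    @action = action
    @halted = false
    self.class.filters[:before].each do |name, only|
      send(name) if only.include?(action)
      return :halted if @halted # as in Rails: the action and after filters are skipped
    end
    send(action)
    self.class.filters[:after].each { |name, only| send(name) if only.include?(action) }
    :completed
  end
end

class DemoAuthController < MiniController # hypothetical; actions hold no logging lines
  attr_reader :log

  before_action :require_session, only: %i[logout]
  after_action :log_completion, only: %i[login logout]

  def initialize(session)
    @session = session
    @log = []
  end

  def login
    @session[:user] = 'student1' # constructed sample value
  end

  def logout
    @session.delete(:user)
  end

  def require_session
    return if @session[:user]
    @log << "denied #{@action}" # log the refusal here: log_completion will not run
    @halted = true
  end

  def log_completion
    @log << "completed #{@action}"
  end
end
```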

password_retrieval_controller.rb

The password_retrieval_controller handles updating and resetting passwords for users who have forgotten them. Comments were needed in many places in this file, and some existing comments had to be modified. A user alert had to be made clearer, and a hard-coded value had to be moved to a parameter.

filters.rb

@Manish

List Of Changes

auth_controller.rb

Spelling was adjusted from authorised to authorized:

  1. TODO: spelling_fix.png
  2. TODO: spelling_fix_2.png

Add a comment to explain the branches of a conjunction:

  1. TODO: branch_conjunction_comment.png

Add filters for loggers:

  1. TODO: auth_controller_filters_before.png
  2. TODO: auth_controller_filters_after.png

password_retrieval_controller.rb

Method check_reset_url was renamed to a more descriptive check_token_validity:

  1. TODO: check_token_validity.png

A parameter was created for the token expiration time instead of hardcoding it:

  1. TODO: token_time.png
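
An added sketch, not the Expertiza implementation, of a token validity check whose expiration time is a constructor parameter rather than a hard-coded value. The class name ResetTokenStore, the in-memory hash, and storing only a SHA-256 digest of the token are assumptions made for the example; only the method name check_token_validity comes from this page.

```ruby
require 'digest'
require 'securerandom'

# Hypothetical in-memory store; a real application would use a database table.
class ResetTokenStore
  def initialize(ttl_seconds:)
    raise ArgumentError, 'ttl_seconds must be positive' unless ttl_seconds.positive?

    @ttl = ttl_seconds
    @records = {} # SHA-256 digest of token => [email, issued_at]
  end

  # Returns the raw token for the reset link; only its digest is stored.
  def issue(email, now: Time.now)
    token = SecureRandom.urlsafe_base64(32)
    @records[Digest::SHA256.hexdigest(token)] = [email, now]
    token
  end

  # Returns [status, email]; status is :ok, :unknown or :expired.
  def check_token_validity(token, now: Time.now)
    digest = Digest::SHA256.hexdigest(token.to_s)
    email, issued_at = @records[digest]
    return [:unknown, nil] unless email

    if now - issued_at > @ttl
      @records.delete(digest) # an expired token cannot be presented again
      return [:expired, nil]
    end
    [:ok, email]
  end
end
```

Passing the clock in through `now:` keeps the expiry branch testable without sleeping.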

Descriptive comments were added to send_password:

  1. TODO: send_password_comments.png

A statement inside the reset_password method that was copied from the forgotten method was replaced with a call to the forgotten method:

  1. TODO: change_to_forgotten.png
  2. TODO: forgotten.png

A code block inside the check_reset_url method that was copied from the reset_password method was replaced with a call to the reset_password method:

  1. TODO: change_to_reset_password.png
  2. TODO: reset_password.png

An error message in the check_reset_url method was updated to be more descriptive to a user:

  1. TODO: invalid_token_user_message.png

Testing Details

Future Improvements

Important Links