CSC/ECE 517 Fall 2021 - E2129. Refactor auth controller.rb & password retrieval controller.rb


E2129: Refactor auth_controller.rb & password_retrieval_controller.rb

Relevant links

  1. Github : https://github.com/smanishs175/expertiza.git
  2. Github pull request: https://github.com/expertiza/expertiza/pull/2084
  3. VCL Deployment: http://152.7.176.119:8080
    1. Deployment is scheduled to be available until November 13, 2021
    2. In the case of a VCL timeout before then, please contact the group so they can reboot the server. This is a known issue with VCL that is out of their control.

About Expertiza

Expertiza is an open source project based on the Ruby on Rails framework. It is a web-based program that allows instructors to create and update/edit assignments/tasks and then assign them to students. Students can then submit, edit, and update their assignments, as well as peer review other students' assignments.

Description Of Current Project

Our goal for this project is to refactor certain files (auth_controller.rb and password_retrieval_controller.rb) to follow essential Ruby on Rails design principles. Since this is a refactoring project, all RSpec test cases must result in the same behavior as before, with no changes to the overall functionality of the code.

Files Modified/Added

Two controller files were modified for this project:

  1. auth_controller.rb (expertiza/app/controllers/auth_controller.rb)
  2. password_retrieval_controller.rb (expertiza/app/controllers/password_retrieval_controller.rb)

One RSpec file was added to help test filters:

  1. filters.rb (expertiza/spec/support/matchers/filters.rb)

auth_controller.rb

The auth_controller deals with user authentication when users try to log in. Spelling needed to be adjusted to American style. Some comments were added, and logger calls were moved into before/after filters.

About Filters

Rails filters are methods that run before or after a controller's action method is executed. They are helpful when you want to ensure that a given block of code runs with whatever action method is called.

Rails supports three types of filter methods:

  1. Before filters: a before_action filter is executed before the code in the controller action is executed.
  2. After filters: an after_action filter is executed after the code in the controller action is executed.
  3. Around filters: an around_action filter is executed before and after the code in the controller action is executed.

Reason for the need of Filters in Authentication Controller

The reason calls to the logger should be written as filters is that a call to a logger tends to be a full line of code. If we put that full line of code everywhere the logger needs to be called, the logger text distracts from the rest of the work done by the method and pollutes the code. If the call is an after_action, it gets called automatically when the method finishes, without having to appear in the method at all. It is a cleaner way of calling the logger, and it is a case of the Separation of Responsibility principle.

Logger filters are attached to specific method calls in the controller:

  1. These filters are added for a specific reason: action_allowed? deals with authorizing actions such as login, logout and login failed.

  1. before_action :action_allowed?, only: [:login, :login_failed, :google_login]
  2. after_action :action_allowed?, only: [:logout]
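
How filters keep audit logging out of the action bodies, shown with a small plain-Ruby stand-in for before_action/after_action. This is an added example, not Expertiza's or Rails' own code; MiniFilters, DemoAuthController, the :halt convention, the user names and the log format are assumptions made for illustration. As in Rails, after filters do not run when a before filter halts the request, so a denied login has to be logged by the before filter itself.

```ruby
# Plain-Ruby stand-in for Rails-style filters (assumption: not Rails or Expertiza code).
module MiniFilters
  def self.included(base); base.extend(ClassMethods); end

  module ClassMethods
    def filters; @filters ||= { before: [], after: [] }; end
    def before_action(name, only: nil); filters[:before] << [name, only]; end
    def after_action(name, only: nil);  filters[:after] << [name, only]; end
  end

  # Runs matching before filters, the action, then matching after filters.
  # A before filter returning :halt (a simplification of Rails halting on
  # render/redirect) stops the chain: the action and after filters are skipped.
  def process(action)
    @action_name = action
    matching = ->(kind) { self.class.filters[kind].select { |_, only| only.nil? || only.include?(action) } }
    matching.call(:before).each { |name, _| return :halted if send(name) == :halt }
    result = send(action)
    matching.call(:after).each { |name, _| send(name) }
    result
  end
end

class DemoAuthController # hypothetical controller, constructed for this example
  include MiniFilters
  attr_reader :audit_log
  before_action :reject_locked_account, only: [:login]
  after_action  :log_auth_event, only: [:login, :logout]

  def initialize(user, locked: false)
    @user, @locked, @audit_log = user, locked, []
  end

  def login;  "session started"; end
  def logout; "session ended"; end
  def home;   "home page"; end

  private

  def reject_locked_account
    return unless @locked
    @audit_log << "DENIED login user=#{@user}" # after filters are skipped on halt, so log here
    :halt
  end

  def log_auth_event
    @audit_log << "OK #{@action_name} user=#{@user}"
  end
end
```

The action methods contain no logging line, yet every successful login and logout ends up in audit_log, and home, which is outside the only: lists, is not logged.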

password_retrieval_controller.rb

The password_retrieval_controller deals with the process of updating and resetting the password for users, in case they have forgotten their password. Comments were needed in many places in this file, and some comments that were there before had to be modified. A user alert had to be modified to be more clear, and a hard-coded value had to be moved to a parameter.

filters.rb

All previous tests for Authentication_Controller are working. Authentication_Controller with filters is working fine. We created a filters.rb file in the spec/support/matchers/ directory. This was additional functionality which we tried to do. This filters.rb file was to be called from the Authentication controller. We were not able to solve the error raised for this additional part.

List Of Changes

auth_controller.rb

Spelling was adjusted from authorised to authorized:


Add a comment to explain the branches of a conjunction:

Add filters for loggers:

password_retrieval_controller.rb

Method check_reset_url was renamed to a more descriptive check_token_validity:

A parameter was created for the token expiration time instead of hardcoding it:

Descriptive comments were added to send_password:

A statement inside the reset_password method that was copied from the forgotten method was replaced with a call to the forgotten method:


A code block inside the check_reset_url method that was copied from the reset_password method was replaced with a call to the reset_password method:


An error message in the check_reset_url method was updated to be more descriptive to a user:

filters.rb

The contents of the new file support/matchers/filters.rb are shown below

Test Plan

Since this is just a refactoring project, no test cases have been written, although we wrote a file which will test the functionality of the filters.

Testing Details

1. The auth_controller.rb :

The file has been tested using rspec.
Run the code: rspec spec/helpers/authorization_helper_spec.rb . All test cases are passing as expected.

2. The password_retrieval_controller.rb

The file has been tested using rspec.
Run the code: rspec spec/helpers/password_retrieval_controller.rb . All test cases are passing as expected.

The Team

Aaron Mathew - asmathew@ncsu.edu
Manish Shinde - msshinde@ncsu.edu
Quinn Dibble - qdibble@ncsu.edu