a10n and a11n

.github/workflows/ci.yml

@@ -7,6 +7,7 @@ on:
   pull_request:
     branches:
       - main
+      - develop
 
 jobs:
   test:
@@ -39,8 +40,13 @@ jobs:
         bundle config path vendor/bundle
         bundle install --jobs 4 --retry 3
 
+    - name: Create test credentials key file
+      run: echo "${{ secrets.RAILS_TEST_MASTER_KEY }}" > config/credentials/test.key
+
     - name: Precompile assets
       run: bundle exec rails assets:precompile
+      env:
+        RAILS_ENV: test
 
     - name: Run tests
       run: bundle exec rspec

.gitignore

@@ -28,3 +28,9 @@
 !/app/assets/builds/.keep
 
 /node_modules
+
+/config/credentials/development.key
+
+/config/credentials/production.key
+
+/config/credentials/test.key

Gemfile

@@ -32,8 +32,10 @@ gem "tzinfo-data", platforms: %i[mingw mswin x64_mingw jruby]
 
 gem "actionpack-action_caching", "~> 1.2"
 gem "awesome_print", "~> 1.9"
+gem "cancancan", "~> 3.5"
 gem "chartkick", "~> 5.0"
 gem "data_migrate", "~> 9.2"
+gem "devise", "~> 4.9"
 gem "draper", "~> 4.0"
 gem "groupdate", "~> 6.4"
 gem "pry", "~> 0.14.2"

Gemfile.lock

@@ -86,6 +86,7 @@ GEM
     ast (2.4.2)
     awesome_print (1.9.2)
     base64 (0.1.1)
+    bcrypt (3.1.19)
     better_errors (2.10.1)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
@@ -95,6 +96,7 @@ GEM
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
     builder (3.2.4)
+    cancancan (3.5.0)
     chartkick (5.0.4)
     coderay (1.1.3)
     concurrent-ruby (1.2.2)
@@ -110,6 +112,12 @@ GEM
       irb (>= 1.5.0)
       reline (>= 0.3.1)
     debug_inspector (1.1.0)
+    devise (4.9.2)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
     diff-lcs (1.5.0)
     draper (4.0.2)
       actionpack (>= 5.0)
@@ -173,6 +181,7 @@ GEM
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     ordinare (0.4.0)
+    orm_adapter (0.5.0)
     parallel (1.23.0)
     parser (3.2.2.4)
       ast (~> 2.4.1)
@@ -236,6 +245,9 @@ GEM
       io-console (~> 0.5)
     request_store (1.5.1)
       rack (>= 1.4)
+    responders (3.1.0)
+      actionpack (>= 5.2)
+      railties (>= 5.2)
     rexml (3.2.6)
     rouge (4.1.3)
     rspec-core (3.12.2)
@@ -317,6 +329,8 @@ GEM
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
+    warden (1.2.9)
+      rack (>= 2.0.9)
     web-console (4.2.1)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
@@ -337,10 +351,12 @@ DEPENDENCIES
   awesome_print (~> 1.9)
   better_errors (~> 2.10)
   binding_of_caller (~> 1.0)
+  cancancan (~> 3.5)
   chartkick (~> 5.0)
   cssbundling-rails
   data_migrate (~> 9.2)
   debug
+  devise (~> 4.9)
   draper (~> 4.0)
   factory_bot_rails (~> 6.2)
   ffaker (~> 2.23)

app/assets/stylesheets/style.scss

@@ -18,6 +18,10 @@ h1.rotated {
   font-size: 3rem;
 }
 
+.hero.is-info .has-dark-text .title {
+  color: #000;
+}
+
 @media (max-width: 768px) {
   h1.rotated {
     transform: none;

app/controllers/application_controller.rb

@@ -1,2 +1,15 @@
 class ApplicationController < ActionController::Base
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
+    devise_parameter_sanitizer.permit(:sign_in, keys: [:username])
+    devise_parameter_sanitizer.permit(:account_update, keys: [:username])
+  end
+
+  def after_sign_in_path_for(resource)
+    tweets_path
+  end
 end

app/models/tweet_metric.rb

@@ -3,14 +3,23 @@
 # Table name: tweet_metrics
 #
 #  id         :bigint           not null, primary key
-#  tweet_id   :bigint           not null
+#  bookmarks  :integer          default(0)
+#  likes      :integer          default(0)
 #  replies    :integer          default(0)
 #  reposts    :integer          default(0)
-#  likes      :integer          default(0)
-#  bookmarks  :integer          default(0)
 #  views      :integer          default(0)
 #  created_at :datetime         not null
 #  updated_at :datetime         not null
+#  tweet_id   :bigint           not null
+#
+# Indexes
+#
+#  index_tweet_metrics_on_tweet_id                 (tweet_id)
+#  index_tweet_metrics_on_tweet_id_and_created_at  (tweet_id,created_at) UNIQUE
+#
+# Foreign Keys
+#
+#  fk_rails_...  (tweet_id => tweets.id)
 #
 class TweetMetric < ApplicationRecord
   belongs_to :tweet

app/models/user.rb

@@ -0,0 +1,32 @@
+# == Schema Information
+#
+# Table name: users
+#
+#  id                  :bigint           not null, primary key
+#  encrypted_password  :string           default(""), not null
+#  remember_created_at :datetime
+#  username            :string           default(""), not null
+#  created_at          :datetime         not null
+#  updated_at          :datetime         not null
+#
+# Indexes
+#
+#  index_users_on_username  (username) UNIQUE
+#
+class User < ApplicationRecord
+  devise :database_authenticatable, :registerable,
+    :rememberable, :validatable
+  validates :username, presence: true, uniqueness: {case_sensitive: false}
+
+  def email_required?
+    false
+  end
+
+  def email_changed?
+    false
+  end
+
+  def will_save_change_to_email?
+    false
+  end
+end

app/views/devise/confirmations/new.html.slim

@@ -0,0 +1,15 @@
+h2 Resend confirmation instructions
+
+= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f|
+  = render "devise/shared/error_messages", resource: resource
+
+  .field
+    = f.label :username, class: 'label'
+    .control
+      = f.text_field :username, autofocus: true, autocomplete: "username", class: 'input', value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.username)
+
+  .field.is-grouped
+    .control
+      = f.submit "Resend confirmation instructions", class: 'button is-link'
+
+= render "devise/shared/links"

app/views/devise/passwords/edit.html.slim

@@ -0,0 +1,23 @@
+h2.title Change your password
+
+= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f|
+  = render "devise/shared/error_messages", resource: resource
+  = f.hidden_field :reset_password_token
+
+  .field
+    = f.label :password, "New password", class: 'label'
+    - if @minimum_password_length
+      em (#{@minimum_password_length} characters minimum)
+    .control
+      = f.password_field :password, autofocus: true, autocomplete: "new-password", class: 'input'
+
+  .field
+    = f.label :password_confirmation, "Confirm new password", class: 'label'
+    .control
+      = f.password_field :password_confirmation, autocomplete: "new-password", class: 'input'
+
+  .field.is-grouped
+    .control
+      = f.submit "Change my password", class: 'button is-link'
+
+= render "devise/shared/links"

app/views/devise/passwords/new.html.slim

@@ -0,0 +1,15 @@
+h2.title Forgot your password?
+
+= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f|
+  = render "devise/shared/error_messages", resource: resource
+
+  .field
+    = f.label :username, class: 'label'
+    .control
+      = f.text_field :username, autofocus: true, autocomplete: "username", class: 'input'
+
+  .field.is-grouped
+    .control
+      = f.submit "Send me reset password instructions", class: 'button is-link'
+
+= render "devise/shared/links"

app/views/devise/registrations/edit.html.slim

@@ -0,0 +1,41 @@
+h2.title Edit #{resource_name.to_s.humanize}
+
+= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f|
+  = render "devise/shared/error_messages", resource: resource
+
+  .field
+    = f.label :username, class: 'label'
+    .control
+      = f.text_field :username, autofocus: true, autocomplete: "username", class: 'input'
+
+  .field
+    = f.label :password, class: 'label'
+    i #{"(leave blank if you don't want to change it)"}
+    .control
+      = f.password_field :password, autocomplete: "new-password", class: 'input'
+    - if @minimum_password_length
+      br
+      em #{@minimum_password_length} characters minimum
+
+  .field
+    = f.label :password_confirmation, class: 'label'
+    .control
+      = f.password_field :password_confirmation, autocomplete: "new-password", class: 'input'
+
+  .field
+    = f.label :current_password, class: 'label'
+    i #{"(we need your current password to confirm your changes)"}
+    .control
+      = f.password_field :current_password, autocomplete: "current-password", class: 'input'
+
+  .field.is-grouped
+    .control
+      = f.submit "Update", class: 'button is-link'
+
+h3 Cancel my account
+
+.notification
+  | Unhappy?
+  = button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?", turbo_confirm: "Are you sure?" }, method: :delete, class: 'button is-danger'
+
+= link_to "Back", :back, class: 'button is-light'

app/views/devise/registrations/new.html.slim

@@ -0,0 +1,29 @@
+h2.title Sign up
+
+= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f|
+  = render "devise/shared/error_messages", resource: resource
+
+  .field
+    = f.label :username, class: 'label'
+    .control
+      = f.text_field :username, autofocus: true, autocomplete: "username", class: 'input'
+
+  .field
+    = f.label :password, class: 'label'
+    - if @minimum_password_length
+      em
+        = @minimum_password_length
+        | characters minimum
+    .control
+      = f.password_field :password, autocomplete: "new-password", class: 'input'
+
+  .field
+    = f.label :password_confirmation, class: 'label'
+    .control
+      = f.password_field :password_confirmation, autocomplete: "new-password", class: 'input'
+
+  .field.is-grouped
+    .control
+      = f.submit "Sign up", class: 'button is-link'
+
+= render "devise/shared/links"

app/views/devise/sessions/new.html.slim

@@ -0,0 +1,25 @@
+h2.title Log in
+
+= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
+  .field
+    = f.label :username, class: 'label'
+    .control
+      = f.text_field :username, autofocus: true, autocomplete: "username", class: 'input'
+
+  .field
+    = f.label :password, class: 'label'
+    .control
+      = f.password_field :password, autocomplete: "current-password", class: 'input'
+
+  - if devise_mapping.rememberable?
+    .field
+      .control
+        label.checkbox
+          = f.check_box :remember_me
+          | Remember me
+
+  .field.is-grouped
+    .control
+      = f.submit "Log in", class: 'button is-link'
+
+= render "devise/shared/links"

app/views/devise/shared/_error_messages.html.slim

@@ -0,0 +1,9 @@
+- if resource.errors.any?
+  #error_explanation data-turbo-cache="false"
+    h2
+      = I18n.t("errors.messages.not_saved",
+                count: resource.errors.count,
+                resource: resource.class.model_name.human.downcase)
+    ul
+      - resource.errors.full_messages.each do |message|
+        li= message

app/views/devise/shared/_links.html.slim

@@ -0,0 +1,25 @@
+.nav.level
+  - if controller_name != 'sessions'
+    = link_to "Log in", new_session_path(resource_name), class: 'level-item'
+    br
+
+  - if devise_mapping.registerable? && controller_name != 'registrations'
+    = link_to "Sign up", new_registration_path(resource_name), class: 'level-item'
+    br
+
+  - if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
+    = link_to "Forgot your password?", new_password_path(resource_name), class: 'level-item'
+    br
+
+  - if devise_mapping.confirmable? && controller_name != 'confirmations'
+    = link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name), class: 'level-item'
+    br
+
+  - if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
+    = link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name), class: 'level-item'
+    br
+
+  - if devise_mapping.omniauthable?
+    - resource_class.omniauth_providers.each do |provider|
+      = button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false }, class: 'button is-link level-item'
+      br