Initial app

app/assets/stylesheets/application.css

@@ -0,0 +1,10 @@
+/*
+ * This is a manifest file that'll be compiled into application.css.
+ *
+ * With Propshaft, assets are served efficiently without preprocessing steps. You can still include
+ * application-wide styles in this file, but keep in mind that CSS precedence will follow the standard
+ * cascading order, meaning styles declared later in the document or manifest will override earlier ones,
+ * depending on specificity.
+ *
+ * Consider organizing styles into separate files for maintainability.
+ */

app/assets/stylesheets/application.scss

@@ -0,0 +1,3 @@
+// Sassy
+
+@import "bootstrap";

app/channels/application_cable/connection.rb

@@ -0,0 +1,16 @@
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    identified_by :current_user
+
+    def connect
+      set_current_user || reject_unauthorized_connection
+    end
+
+    private
+      def set_current_user
+        if session = Session.find_by(id: cookies.signed[:session_id])
+          self.current_user = session.user
+        end
+      end
+  end
+end

app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  include Authentication
+  # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
+  allow_browser versions: :modern
+end

app/controllers/concerns/authentication.rb

@@ -0,0 +1,57 @@
+module Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :require_authentication
+    helper_method :authenticated?
+  end
+
+  class_methods do
+    def allow_unauthenticated_access(**options)
+      skip_before_action :require_authentication, **options
+    end
+  end
+
+  private
+    def authenticated?
+      resume_session
+    end
+
+    def require_authentication
+      resume_session || request_authentication
+    end
+
+    def resume_session
+      Current.session ||= find_session_by_cookie
+    end
+
+    def find_session_by_cookie
+      Session.find_by(id: cookies.signed[:session_id]) if cookies.signed[:session_id]
+    end
+
+    def request_authentication
+      session[:return_to_after_authenticating] = request.url
+      redirect_to new_session_path
+    end
+
+    def after_authentication_url
+      session.delete(:return_to_after_authenticating) || root_url
+    end
+
+    def start_new_session_for(user)
+      user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session|
+        Current.session = session
+        cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax }
+      end
+    end
+
+    def terminate_session
+      Current.session.destroy
+      cookies.delete(:session_id)
+    end
+
+    def current_user
+      return unless Current.session[:user_id]
+      User.find(Current.session[:user_id])
+    end
+end

app/controllers/contests_controller.rb

@@ -0,0 +1,37 @@
+class ContestsController < ApplicationController
+  before_action :set_contest, only: %i[ show destroy ]
+
+  def index
+    @contests = current_user.contests
+  end
+
+  def show
+  end
+
+  def new
+    @contest = Contest.new
+  end
+
+  def create
+    @contest = Contest.new(contest_params)
+    @contest.user_id = current_user.id
+    if @contest.save
+      redirect_to @contest
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+  end
+
+  private
+
+  def set_contest
+    @contest = Contest.find(params[:id])
+  end
+
+  def contest_params
+    params.expect(contest: [ :name ])
+  end
+end

app/controllers/passwords_controller.rb

@@ -0,0 +1,33 @@
+class PasswordsController < ApplicationController
+  allow_unauthenticated_access
+  before_action :set_user_by_token, only: %i[ edit update ]
+
+  def new
+  end
+
+  def create
+    if user = User.find_by(email_address: params[:email_address])
+      PasswordsMailer.reset(user).deliver_later
+    end
+
+    redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)."
+  end
+
+  def edit
+  end
+
+  def update
+    if @user.update(params.permit(:password, :password_confirmation))
+      redirect_to new_session_path, notice: "Password has been reset."
+    else
+      redirect_to edit_password_path(params[:token]), alert: "Passwords did not match."
+    end
+  end
+
+  private
+    def set_user_by_token
+      @user = User.find_by_password_reset_token!(params[:token])
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      redirect_to new_password_path, alert: "Password reset link is invalid or has expired."
+    end
+end

app/controllers/puzzles_controller.rb

@@ -0,0 +1,38 @@
+class PuzzlesController < ApplicationController
+  before_action :set_puzzle, only: %i[ show destroy ]
+
+  def index
+    @puzzles = Puzzle.all
+  end
+
+  def show
+  end
+
+  def new
+    @puzzle = Puzzle.new
+  end
+
+  def create
+    @puzzle = Puzzle.new(puzzle_params)
+    if @puzzle.save
+      redirect_to @puzzle
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    @puzzle.destroy
+    redirect_to puzzles_path
+  end
+
+  private
+
+  def set_puzzle
+    @puzzle = Puzzle.find(params[:id])
+  end
+
+  def puzzle_params
+    params.expect(puzzle: [ :name, :image ])
+  end
+end

app/controllers/sessions_controller.rb

@@ -0,0 +1,21 @@
+class SessionsController < ApplicationController
+  allow_unauthenticated_access only: %i[ new create ]
+  rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." }
+
+  def new
+  end
+
+  def create
+    if user = User.authenticate_by(params.permit(:email_address, :password))
+      start_new_session_for user
+      redirect_to after_authentication_url
+    else
+      redirect_to new_session_path, alert: "Try another email address or password."
+    end
+  end
+
+  def destroy
+    terminate_session
+    redirect_to new_session_path
+  end
+end

app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

app/helpers/contests_helper.rb

@@ -0,0 +1,2 @@
+module ContestsHelper
+end

app/helpers/puzzles_helper.rb

@@ -0,0 +1,2 @@
+module PuzzlesHelper
+end

app/javascript/application.js

@@ -0,0 +1,3 @@
+// Configure your import map in config/importmap.rb. Read more: https://github.com/rails/importmap-rails
+import "@hotwired/turbo-rails"
+import "controllers"

app/javascript/controllers/application.js

@@ -0,0 +1,9 @@
+import { Application } from "@hotwired/stimulus"
+
+const application = Application.start()
+
+// Configure Stimulus development experience
+application.debug = false
+window.Stimulus   = application
+
+export { application }

app/javascript/controllers/hello_controller.js

@@ -0,0 +1,7 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  connect() {
+    this.element.textContent = "Hello World!"
+  }
+}

app/javascript/controllers/index.js

@@ -0,0 +1,4 @@
+// Import and register all your controllers from the importmap via controllers/**/*_controller
+import { application } from "controllers/application"
+import { eagerLoadControllersFrom } from "@hotwired/stimulus-loading"
+eagerLoadControllersFrom("controllers", application)

app/jobs/application_job.rb

@@ -0,0 +1,7 @@
+class ApplicationJob < ActiveJob::Base
+  # Automatically retry jobs that encountered a deadlock
+  # retry_on ActiveRecord::Deadlocked
+
+  # Most jobs are safe to ignore if the underlying records are no longer available
+  # discard_on ActiveJob::DeserializationError
+end

app/mailers/application_mailer.rb

@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: "from@example.com"
+  layout "mailer"
+end

app/mailers/passwords_mailer.rb

@@ -0,0 +1,6 @@
+class PasswordsMailer < ApplicationMailer
+  def reset(user)
+    @user = user
+    mail subject: "Reset your password", to: user.email_address
+  end
+end

app/models/application_record.rb

@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  primary_abstract_class
+end

app/models/contest.rb

@@ -0,0 +1,3 @@
+class Contest < ApplicationRecord
+  belongs_to :user
+end

app/models/current.rb

@@ -0,0 +1,4 @@
+class Current < ActiveSupport::CurrentAttributes
+  attribute :session
+  delegate :user, to: :session, allow_nil: true
+end

app/models/puzzle.rb

@@ -0,0 +1,4 @@
+class Puzzle < ApplicationRecord
+  has_one_attached :image
+  validates :name, presence: true
+end

app/models/session.rb

@@ -0,0 +1,3 @@
+class Session < ApplicationRecord
+  belongs_to :user
+end

app/models/user.rb

@@ -0,0 +1,7 @@
+class User < ApplicationRecord
+  has_many :contests, dependent: :destroy
+  has_many :sessions, dependent: :destroy
+  has_secure_password
+
+  normalizes :email_address, with: ->(e) { e.strip.downcase }
+end

app/views/contests/index.html.slim

@@ -0,0 +1,22 @@
+.container.mt-5
+  - if authenticated?
+    .float-end
+     = button_to "Log out", session_path, method: :delete
+
+  h1 Welcome!
+
+  .alert.alert-primary role="alert"
+    | This is a brand new website!
+
+  h4.mt-4 Manage your contests
+
+  - @contests.each do |contest|
+    .card.mb-2
+      .card-body
+        .card-title
+          = contest.name
+        a.btn.btn-primary href=contest_path(contest)
+          | Open
+
+  a.btn.btn-primary.mt-4 href=new_contest_path
+    | Create a new contest

app/views/contests/new.html.slim

@@ -0,0 +1,8 @@
+h1 Create a new contest
+
+= form_with model: @contest do |form|
+  div
+    = form.label :name
+    = form.text_field :name
+  div
+    = form.submit

app/views/contests/show.html.slim

@@ -0,0 +1,5 @@
+.container.mt-5
+  h1 Contest: "#{@contest.name}"
+
+  a.btn.btn-primary href=root_path
+    | Back to all contests

app/views/layouts/application.html.erb

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title><%= content_for(:title) || "Puzzle Scoreboard" %></title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <meta name="apple-mobile-web-app-capable" content="yes">
+    <meta name="mobile-web-app-capable" content="yes">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <%= yield :head %>
+
+    <%# Enable PWA manifest for installable apps (make sure to enable in config/routes.rb too!) %>
+    <%#= tag.link rel: "manifest", href: pwa_manifest_path(format: :json) %>
+
+    <link rel="icon" href="/icon.png" type="image/png">
+    <link rel="icon" href="/icon.svg" type="image/svg+xml">
+    <link rel="apple-touch-icon" href="/icon.png">
+
+    <%# Includes all stylesheet files in app/assets/stylesheets %>
+    <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %>
+    <%= javascript_importmap_tags %>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

app/views/layouts/mailer.html.erb

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <style>
+      /* Email styles need to be inline */
+    </style>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

app/views/layouts/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

app/views/passwords/edit.html.erb

@@ -0,0 +1,9 @@
+<h1>Update your password</h1>
+
+<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %>
+
+<%= form_with url: password_path(params[:token]), method: :put do |form| %>
+  <%= form.password_field :password, required: true, autocomplete: "new-password", placeholder: "Enter new password", maxlength: 72 %><br>
+  <%= form.password_field :password_confirmation, required: true, autocomplete: "new-password", placeholder: "Repeat new password", maxlength: 72 %><br>
+  <%= form.submit "Save" %>
+<% end %>

app/views/passwords/new.html.erb

@@ -0,0 +1,8 @@
+<h1>Forgot your password?</h1>
+
+<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %>
+
+<%= form_with url: passwords_path do |form| %>
+  <%= form.email_field :email_address, required: true, autofocus: true, autocomplete: "username", placeholder: "Enter your email address", value: params[:email_address] %><br>
+  <%= form.submit "Email reset instructions" %>
+<% end %>

app/views/passwords_mailer/reset.html.erb

@@ -0,0 +1,4 @@
+<p>
+  You can reset your password within the next 15 minutes on
+  <%= link_to "this password reset page", edit_password_url(@user.password_reset_token) %>.
+</p>

app/views/passwords_mailer/reset.text.erb

@@ -0,0 +1,2 @@
+You can reset your password within the next 15 minutes on this password reset page:
+<%= edit_password_url(@user.password_reset_token) %>

app/views/puzzles/index.html.slim

@@ -0,0 +1,8 @@
+h1 Puzzles
+
+= link_to "New puzzle", new_puzzle_path
+
+div
+  - @puzzles.each do |puzzle|
+    div
+      = link_to puzzle.name, puzzle

app/views/puzzles/new.html.slim

@@ -0,0 +1,11 @@
+h1 New puzzle
+
+= form_with model: @puzzle do |form|
+  div
+    = form.label :name
+    = form.text_field :name
+  div
+    = form.label :image, style: "display: block"
+    = form.file_field :image, accept: "image/*"
+  div
+    = form.submit

app/views/puzzles/show.html.slim

@@ -0,0 +1,7 @@
+h1 = @puzzle.name
+
+= link_to "Back", puzzles_path
+
+= image_tag @puzzle.image if @puzzle.image.attached?
+
+= button_to "Delete", @puzzle, method: :delete, data: { turbo_confirm: "Are you suuure??" }

app/views/pwa/manifest.json.erb

@@ -0,0 +1,22 @@
+{
+  "name": "PuzzleScoreboard",
+  "icons": [
+    {
+      "src": "/icon.png",
+      "type": "image/png",
+      "sizes": "512x512"
+    },
+    {
+      "src": "/icon.png",
+      "type": "image/png",
+      "sizes": "512x512",
+      "purpose": "maskable"
+    }
+  ],
+  "start_url": "/",
+  "display": "standalone",
+  "scope": "/",
+  "description": "PuzzleScoreboard.",
+  "theme_color": "red",
+  "background_color": "red"
+}

app/views/pwa/service-worker.js

@@ -0,0 +1,26 @@
+// Add a service worker for processing Web Push notifications:
+//
+// self.addEventListener("push", async (event) => {
+//   const { title, options } = await event.data.json()
+//   event.waitUntil(self.registration.showNotification(title, options))
+// })
+//
+// self.addEventListener("notificationclick", function(event) {
+//   event.notification.close()
+//   event.waitUntil(
+//     clients.matchAll({ type: "window" }).then((clientList) => {
+//       for (let i = 0; i < clientList.length; i++) {
+//         let client = clientList[i]
+//         let clientPath = (new URL(client.url)).pathname
+//
+//         if (clientPath == event.notification.data.path && "focus" in client) {
+//           return client.focus()
+//         }
+//       }
+//
+//       if (clients.openWindow) {
+//         return clients.openWindow(event.notification.data.path)
+//       }
+//     })
+//   )
+// })

app/views/sessions/new.html.erb

@@ -0,0 +1,11 @@
+<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %>
+<%= tag.div(flash[:notice], style: "color:green") if flash[:notice] %>
+
+<%= form_with url: session_path do |form| %>
+  <%= form.email_field :email_address, required: true, autofocus: true, autocomplete: "username", placeholder: "Enter your email address", value: params[:email_address] %><br>
+  <%= form.password_field :password, required: true, autocomplete: "current-password", placeholder: "Enter your password", maxlength: 72 %><br>
+  <%= form.submit "Sign in" %>
+<% end %>
+<br>
+
+<%= link_to "Forgot password?", new_password_path %>