Motionspire Beta Launch – We Need Your Help!

Kyle — Mon, 20 Oct 2008 00:13:38 +0000

We recently launched the Motionspire beta. We’ve been developing this site for quite some time, and we’re finally opening it up to some users.

The concept behind Motionspire is very simple- we built the site to be the best place to view inspirational motion graphics content. Taking a cue from the CSS gallery concept, which has been implemented well by sites like cssmania, cssremix, and stylegala, among others, we thought that there should be a website where you can go to simply view some good motion graphics.

Instead of doing a full launch, we decided to start off with a beta model, for several reasons. First, it gives us a chance to get some good feedback from beta users before we go ahead with the global launch. We are always open to suggestions to make this site better for its users. Second, the beta launch gives us a chance to track some statistics so we can accurately gauge the resource requirements we’ll need for the site.

With that in mind, we need your help. If you are interested in this project, head on over to motionspire.com and fill out a beta account. It’s really easy, and it will give you the chance to be one of the first to try out this new endeavor. Thanks!

Simple login with Rails

Brett Wejrowski — Thu, 11 Sep 2008 15:47:39 +0000

We recently beta launched a new site, motionspire.com. Our main goal for the launch was to get statistics from user testing, mainly from a targeted audience. In order to keep a limited user base, we wanted to make visitors create a beta account, and use a login system in order to view the site.

I wanted to create a quick and simple login system that was, most importantly, temporary. The authentication didn’t require a lot of security because no user information was stored in our db other than an email and password. I also wanted to contain all the code for the system (as much as possible at least) in a few different directories, so I can easily remove the system for the main launch.

Here is the process I wanted to create:

1. user comes to the site, and inputs an email address requesting a beta account
2. the user gets an email with (1) a link to create their password and (2) a code for authentication
3. the user inputs the code and creates their password
4. the user can now view the site, and login at a later time

So that’s the process. My designer created two pages: (1) a page with a form requesting an account and another form to login and (2) a page to create a password with the code. I created a new controller, beta, and started with these two functions:

> ruby script/generate controller beta index create_password

And I created a model, betauser:

> ruby script/generate model betauser

The model had three fields: email, password, and a boolean ‘active’ to keep track of whether the user had activated the account. I usually use the timestamps for every model just as good practice. Here is the migration:

class AddBetaUsers < ActiveRecord::Migration
def self.up
create_table :betausers do |t|
t.boolean :active
t.string :email, :password
t.timestamps
end
end

 def self.down
drop_table :betausers
end
end

Next was the function for requesting a beta account. The form’s only input was their email:

def create_beta_invite
email = params[:email]
beta = Betauser.new
  //set the account to inactive
  beta.active = false
beta.email = email
if beta.save
// create a code based on the users email
// its not the most secure way to do things,
// but its simple and doesnt require another
// field in the database
code = Digest::SHA1.hexdigest(email)[3,12]
 
// create an email with my ActiveMailer model 'Notifier'
  email = Notifier.create_beta(email,code)
email.set_content_type("text/html")
Notifier.deliver(email)
  //redirect to the password creation page
  redirect_to :action => "create_password",
:email => email
[sourcecode language="ruby"] else
redirect_to :action => "index"
end
end

[/sourcecode]

After the user gets their email with their activation code, they go to the create_password page.  I send the email as a param in the link, so the activation page will only work if they use the link in the email (or directly edit the address if they are real crafty). The create password page has 3 inputs: code, password, and passRepeat (to verify the password).  Here is the action for this form:

[sourcecode language="ruby"]def make_account
@beta = Betauser.find_by_email(params[:email])
if !@beta
redirect_to :action => "index"
  //check that password fields match
  elsif params[:password] == params[:passRepeat]

[/sourcecode]

[sourcecode language="ruby"] // check that the code matches our formula from before
  if params[:code] != Digest::SHA1.hexdigest(@beta.email)[3,12]
flash[:alert] = "Incorrect Code!"
redirect_to :action => "create_password",
:email => @beta.email
else
  //save the password
  @beta.password = Digest::SHA1.hexdigest(params[:password])
  //set the account to active
  @beta.active = true
@beta.save
 //use the session cookies to log the user in,
// then redirect to the site
 session['betauser'] = @beta.id
redirect_to :controller => "main",
:action => "index"
end
else
flash[:alert] = "Passwords do not match!"
redirect_to :action => "create_password",
:email => @beta.email
end
end

So now we have a user logged in. But we have to have a ‘gatekeeper’ function to allow logged in users to view the site, and send everyone else to the login page. We will put this in the application.rb controller:[/sourcecode]

[sourcecode language="ruby"] // run the function before every action in our app
 before_filter :check_beta
....
protected
....

[/sourcecode]

def checkbeta
// don't check when user is in the beta pages
// that will cause an infinite redirect loop
if controller_name != 'beta'
// if betauser session variable is there
// and the beta user exists, set a
// global @betauser to represent the user
if (session['betauser'] and Betauser.find(session['betauser']) )
@betauser = Betauser.find(session['betauser'])
// if the account has not been activated,
// send the user to the create password page
if @betauser.active == false
session[:original_uri] = request.request_uri
redirect_to :controller => "beta",
:action => "create_password",
:email => @betauser.email
end
else
// if a user is not logged in,
// store the requested call
// and send the user to the
// account request and login page
session[:original_uri] = request.request_uri
redirect_to :controller => "beta",
:action => "index"
end
end
end

Notice that if the user is logged in and the account is active, there is no redirect, and the user goes to the requested page.

The only thing left is to create a login and logout function in our beta controller:

def login
password = params[:password]
email = params[:email]
user = Betauser.find_by_email(email)
 // make sure the user exists
 if !user
flash[:alert] = "No user with that email address."
redirect_to :action => "index"
 // make sure the account is active
 elsif user.active == 0
flash[:alert] = "You must activate your beta account."
redirect_to :action => "create_password",
:email => user.email
 // verify the password
 elsif Digest::SHA1.hexdigest(password) != user.password
flash[:alert] = "Incorrect Password."
redirect_to :action => "index"
else
 // set the session variable to log the user in
 session['betauser'] = user.id
// send to the original request, if exists
// otherwise, send to the homepage
if session[:original_uri]
redirect_to session[:original_uri]
else
redirect_to :controller => "main",
:action => "index"
end
end
end

def logout
 // set the session variable to nil
// and redirect to the login page
session['betauser'] = nil
redirect_to :controller => "beta",
:action => "index"
end

That’s about it. There are definitely things I could have done better, but I wanted something quick, dirty, and temporary. It works, and is not something I would want to use long term. However, if you have a need for a low-security, simple login, this gets it done. Overall, it only took me about an hour and 15 minutes to code, and will be very simple to remove.

**I will follow up with a very simple removal of the system, and post the files in their entirety at a later time. Check it out at Motionspire.com!

The Wojo Group » Motionspire

Motionspire Beta Launch – We Need Your Help!

Simple login with Rails