build: create user and session

photo-review-api/app/controllers/application_controller.rb

@@ -1,6 +1,7 @@
 class ApplicationController < ActionController::API
   include ActionController::RequestForgeryProtection
 
-  protect_from_forgery with: :exception, unless: -> { request.format.json? }
+  # protect_from_forgery with: :exception, unless: -> { request.format.json? }
+  protect_from_forgery with: :null_session, unless: -> { request.format.json? }
   before_action :authenticate_user!
 end

photo-review-api/app/controllers/users/registrations_controller.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+class Users::RegistrationsController < Devise::RegistrationsController
+  # before_action :configure_sign_up_params, only: [:create]
+  before_action :configure_account_update_params, only: [:update]
+
+  # GET /resource/sign_up
+  # def new
+  #   super
+  # end
+
+  # POST /resource
+  # def create
+  #   p '------------------'
+  #   p '------------------'
+  #   p 'create user'
+  #   p params[:email]
+  #   p '------------------'
+  #   p '------------------'
+  #   super
+  # end
+
+  # GET /resource/edit
+  # def edit
+  #   super
+  # end
+
+  # PUT /resource
+  def update
+    super
+  end
+
+  # DELETE /resource
+  # def destroy
+  #   super
+  # end
+
+  # GET /resource/cancel
+  # Forces the session data which is usually expired after sign
+  # in to be expired now. This is useful if the user wants to
+  # cancel oauth signing in/up in the middle of the process,
+  # removing all OAuth session data.
+  # def cancel
+  #   super
+  # end
+
+  # protected
+
+  # If you have extra params to permit, append them to the sanitizer.
+  # def configure_sign_up_params
+  #   devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute])
+  # end
+
+  # If you have extra params to permit, append them to the sanitizer.
+  def configure_account_update_params
+    devise_parameter_sanitizer.permit(:account_update, keys: [:username])
+  end
+
+  # The path used after sign up.
+  # def after_sign_up_path_for(resource)
+  #   super(resource)
+  # end
+
+  # The path used after sign up for inactive accounts.
+  # def after_inactive_sign_up_path_for(resource)
+  #   super(resource)
+  # end
+end

photo-review-api/config/application.rb

@@ -23,13 +23,14 @@ class Application < Rails::Application
     # Middleware like session, flash, cookies can be added back manually.
     # Skip views, helpers and assets when generating a new resource.
     config.api_only = true
+    config.middleware.use ActionDispatch::Flash
 
     # disable session cookies temporarily to bypass errors for testing
     # will need to re-enable later
     # error: when uploading photo to album, getting error:
     # https://github.com/waiting-for-dev/devise-jwt/issues/235
-    # config.session_store :cookie_store, key: '_interslice_session'
-    # config.middleware.use ActionDispatch::Cookies
-    # config.middleware.use config.session_store, config.session_options
+    config.session_store :cookie_store, key: '_interslice_session'
+    config.middleware.use ActionDispatch::Cookies
+    config.middleware.use config.session_store, config.session_options
   end
 end

photo-review-api/config/initializers/devise.rb

@@ -263,7 +263,8 @@
   # should add them to the navigational formats lists.
   #
   # The "*/*" below is required to match Internet Explorer requests.
-  config.navigational_formats = ['*/*', :html, :turbo_stream]
+  # config.navigational_formats = ['*/*', :html, :turbo_stream]
+  config.navigational_formats = []
 
   # The default HTTP method used to sign out a resource. Default is :delete.
   config.sign_out_via = :delete

photo-review-api/config/routes.rb

@@ -14,7 +14,11 @@
   put '/photos/:photo_id/photo_user_reviews', to: 'photo_user_reviews#update', as: 'update_review'
   delete '/delete_photos', to: 'photos#destroy_multiple', as: 'delete_photos'
   get '/albums/:album_id/upload_progress', to: 'uploads#show_progress', as: 'upload_progress'
-  devise_for :users
+  devise_for :users, controllers: {
+    registrations: 'users/registrations'
+  } do
+    post '/users', to: 'users/registrations#create'
+  end
 end
 
 # TODO: Add a route to get all reviews for a photo

photo-review-client/src/views/Signup.vue

@@ -3,28 +3,49 @@
     <h1>Signup</h1>
     <form @submit="handleSubmit">
       <label for="email">Email:</label>
-      <input type="email" id="email" v-model="email" required>
+      <input type="email" id="email" v-model="email" required class="text-black border">
       <label for="password">Password:</label>
-      <input type="password" id="password" v-model="password" required>
+      <input type="password" id="password" v-model="password" required class="text-black border">
       <label for="confirmPassword">Confirm Password:</label>
-      <input type="password" id="confirmPassword" v-model="password2" required>
+      <input type="password" id="confirmPassword" v-model="password2" required class="text-black border">
       <button type="submit">Sign Up</button>
     </form>
   </div>
 </template>
 
 <script setup lang="ts">
 import { ref } from 'vue';
+import axios from 'axios';
 
 const email = ref('');
 const password = ref('');
 const password2 = ref('');
 
-const handleSubmit = (event: Event) => {
+const handleSubmit = async (event: Event) => {
   event.preventDefault();
-  // Perform signup logic here
-  console.log('Email:', email.value);
-  console.log('Password:', password.value);
+
+  if (password.value !== password2.value) {
+    alert('Passwords do not match');
+    return;
+  }
+
+  try {
+    const response = await axios.post('http://localhost:3000/users', {
+      user: {
+        email: email.value,
+        password: password.value
+      }
+      // email: email.value,
+      // password: password.value
+    });
+
+    console.log('Registration successful:', response.data);
+    // Handle success response here
+    // redirect to login page
+  } catch (error) {
+    console.error('Registration failed:', error);
+    // Handle error response here
+  }
 };
 </script>