Chapter 8

.browserslistrc

@@ -0,0 +1 @@
+defaults

.gitignore

@@ -1,33 +1,78 @@
-# See https://help.github.com/articles/ignoring-files for more about ignoring files.
-#
-# If you find yourself ignoring temporary files generated by your text editor
-# or operating system, you probably want to add a global ignore instead:
-#   git config --global core.excludesfile '~/.gitignore_global'
-
-# Ignore bundler config.
-/.bundle
+*.rbc
+capybara-*.html
+.rspec
+/db/*.sqlite3
+/db/*.sqlite3-journal
+/db/*.sqlite3-[0-9]*
+/public/system
+/coverage/
+/spec/tmp
+*.orig
+rerun.txt
+pickle-email-*.html
 
 # Ignore all logfiles and tempfiles.
 /log/*
 /tmp/*
 !/log/.keep
 !/tmp/.keep
 
-# Ignore pidfiles, but keep the directory.
-/tmp/pids/*
-!/tmp/pids/
-!/tmp/pids/.keep
+# TODO Comment out this rule if you are OK with secrets being uploaded to the repo
+config/initializers/secret_token.rb
+config/master.key
 
-# Ignore uploaded files in development.
-/storage/*
-!/storage/.keep
-/tmp/storage/*
-!/tmp/storage/
-!/tmp/storage/.keep
+# Only include if you have production secrets in this file, which is no longer a Rails default
+# config/secrets.yml
+
+# dotenv, dotenv-rails
+# TODO Comment out these rules if environment variables can be committed
+.env
+.env*.local
+
+## Environment normalization:
+/.bundle
+/vendor/bundle
+
+# these should all be checked in to normalize the environment:
+# Gemfile.lock, .ruby-version, .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
 
+# if using bower-rails ignore default bower_components path bower.json files
+/vendor/assets/bower_components
+*.bowerrc
+bower.json
+
+# Ignore pow environment settings
+.powenv
+
+# Ignore Byebug command history file.
+.byebug_history
+
+# Ignore node_modules
+node_modules/
+
+# Ignore precompiled javascript packs
+/public/packs
+/public/packs-test
 /public/assets
 
-# Ignore master key for decrypting credentials and more.
-/config/master.key
-/config/database.yml
-/test/*
+# Ignore yarn files
+/yarn-error.log
+yarn-debug.log*
+.yarn-integrity
+
+# Ignore uploaded files in development
+/storage/*
+!/storage/.keep
+/public/uploads
+
+/public/packs
+/public/packs-test
+/node_modules
+/yarn-error.log
+yarn-debug.log*
+.yarn-integrity
+config/database.yml
+config/database.yml

Gemfile

@@ -41,6 +41,11 @@ gem "tzinfo-data", platforms: %i(mingw mswin x64_mingw jruby)
 
 # Reduces boot times through caching; required in config/boot.rb
 gem "bootsnap", require: false
+gem "bcrypt", "3.1.18"
+gem "bootstrap", "~> 5.2.3"
+gem "webpacker", "~> 5.4"
+gem "sassc-rails"
+gem "byebug", platforms: [:mri, :mingw, :x64_mingw]
 
 # Use Sass to process CSS
 # gem "sassc-rails"
@@ -73,3 +78,4 @@ group :test do
   gem "selenium-webdriver"
   gem "webdrivers"
 end
+gem "rack-mini-profiler"

Gemfile.lock

@@ -69,11 +69,19 @@ GEM
     addressable (2.8.5)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
+    autoprefixer-rails (10.4.19.0)
+      execjs (~> 2)
     base64 (0.1.1)
+    bcrypt (3.1.18)
     bindex (0.8.1)
     bootsnap (1.16.0)
       msgpack (~> 1.2)
+    bootstrap (5.2.3)
+      autoprefixer-rails (>= 9.1.0)
+      popper_js (>= 2.11.6, < 3)
+      sassc-rails (>= 2.0.0)
     builder (3.2.4)
+    byebug (11.1.3)
     capybara (3.39.2)
       addressable
       matrix
@@ -90,6 +98,8 @@ GEM
       irb (>= 1.5.0)
       reline (>= 0.3.1)
     erubi (1.12.0)
+    execjs (2.10.0)
+    ffi (1.17.1-x86_64-linux-gnu)
     globalid (1.1.0)
       activesupport (>= 5.0)
     i18n (1.14.1)
@@ -136,11 +146,16 @@ GEM
     parser (3.2.2.3)
       ast (~> 2.4.1)
       racc
+    popper_js (2.11.8)
     public_suffix (5.0.3)
     puma (5.6.6)
       nio4r (~> 2.0)
     racc (1.7.1)
     rack (2.2.8)
+    rack-mini-profiler (3.3.1)
+      rack (>= 1.2.0)
+    rack-proxy (0.7.7)
+      rack
     rack-test (2.1.0)
       rack (>= 1.3)
     rails (7.0.7)
@@ -199,10 +214,19 @@ GEM
       rubocop (>= 1.7.0, < 2.0)
     ruby-progressbar (1.13.0)
     rubyzip (2.3.2)
+    sassc (2.4.0)
+      ffi (~> 1.9)
+    sassc-rails (2.1.2)
+      railties (>= 4.0.0)
+      sassc (>= 2.0)
+      sprockets (> 3.0)
+      sprockets-rails
+      tilt
     selenium-webdriver (4.10.0)
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
+    semantic_range (3.1.0)
     sprockets (4.2.0)
       concurrent-ruby (~> 1.0)
       rack (>= 2.2.4, < 4)
@@ -213,6 +237,7 @@ GEM
     stimulus-rails (1.2.2)
       railties (>= 6.0.0)
     thor (1.2.2)
+    tilt (2.6.0)
     timeout (0.4.0)
     turbo-rails (1.4.0)
       actionpack (>= 6.0.0)
@@ -230,6 +255,11 @@ GEM
       nokogiri (~> 1.6)
       rubyzip (>= 1.3.0)
       selenium-webdriver (~> 4.0, < 4.11)
+    webpacker (5.4.4)
+      activesupport (>= 5.2)
+      rack-proxy (>= 0.6.1)
+      railties (>= 5.2)
+      semantic_range (>= 2.3.0)
     websocket (1.2.9)
     websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
@@ -242,24 +272,30 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  bcrypt (= 3.1.18)
   bootsnap
+  bootstrap (~> 5.2.3)
+  byebug
   capybara
   debug
   importmap-rails
   jbuilder
   mysql2 (~> 0.5)
   puma (~> 5.0)
+  rack-mini-profiler
   rails (~> 7.0.5)
   rubocop (~> 1.26)
   rubocop-checkstyle_formatter
   rubocop-rails (~> 2.14.0)
+  sassc-rails
   selenium-webdriver
   sprockets-rails
   stimulus-rails
   turbo-rails
   tzinfo-data
   web-console
   webdrivers
+  webpacker (~> 5.4)
 
 RUBY VERSION
    ruby 3.2.2p53

app/assets/stylesheets/application.scss

@@ -0,0 +1,15 @@
+@import "bootstrap";
+
+
+.navbar-brand {
+    text-transform: uppercase;
+    letter-spacing: 0.1em;
+    font-weight: bold;
+}
+
+/* Tăng kích cỡ chữ cho h1 */
+h1 {
+    font-size: 2.5rem;
+}
+
+@import "custom";

app/assets/stylesheets/custom.scss

@@ -0,0 +1,44 @@
+// app/assets/stylesheets/custom.scss
+body {
+    background-color: #f8f9fa; 
+}
+  /* sidebar */
+  aside {
+    section.user_info {
+    margin-top: 20px;
+}
+  section {
+    padding: 10px 0;
+    margin-top: 20px;
+
+  &:first-child {
+    border: 0;
+    padding-top: 0;}
+
+  span {
+     display: block;
+     margin-bottom: 3px;
+     line-height: 1;
+}
+  h1 {
+      font-size: 1.4em;
+      text-align: left;
+      letter-spacing: -1px;
+      margin-bottom: 3px;
+      margin-top: 0px;}
+    }
+  }
+  .gravatar {
+    float: left;
+    margin-right: 10px;
+  }
+  .gravatar_edit {margin-top: 15px;}
+
+
+  /* forms */
+  input, textarea, select, .uneditable-input {
+    border: 1px solid #bbb;
+    width: 100%;margin-bottom: 15px;
+  }
+  input {
+    height: auto !important;}

app/controllers/application_controller.rb

@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::Base
+    include SessionsHelper
 end

app/controllers/pages_controller.rb

@@ -0,0 +1,10 @@
+class PagesController < ApplicationController
+  def home
+  end
+
+  def help
+  end
+
+  def contact
+  end
+end

app/controllers/sessions_controller.rb

@@ -0,0 +1,39 @@
+class SessionsController < ApplicationController
+        def new
+
+        # Cookie thong thuong  
+        cookies[:demo_normal] = "normal"  
+
+        # Gia tri cua cookie se duoc ma hoa  
+        # Cookie nay duoc ma hoa voi key la "secret.secret_key_base"  
+        cookies.signed[:demo_signed] = "signed"  
+
+        # Gia tri cua cookie se duoc ma hoa tuong tu nhu cookies.signed  
+        # Cookie nay duoc ma hoa voi key la "secret.secret_key_base"  
+        cookies.encrypted[:demo_encrypted] = "encrypted"  
+
+        # Khi dung httponly, cookie se khong the doc duoc bang JavaScript,  
+        # va cookie se het han sau thoi gian  
+        cookies[:demo_httponly] = {value: "http only", expires: Time.current + 1.hour, httponly: true }  
+        Rails.logger.info "Đã set cookie demo_httponly với HttpOnly"
+        # Phần code khác...
+        # Khi dung cookies.permanent, cookie nay se het han sau mot thoi gian rat dai, khoang 20 nam tu thoi 
+        cookies.permanent[:demo_permanent] = "permanent"
+      end
+
+      def create
+        user = User.find_by(email: params.dig(:session, :email)&.downcase)
+        if user && user.authenticate(params.dig(:session, :password))
+          log_in user  # Đây sẽ thiết lập session[:user_id] = user.id
+          redirect_to user
+        else
+          flash.now[:danger] = t "invalid_email_password_combination"
+          render :new, status: :unprocessable_entity
+         end
+      end
+
+      def destroy
+        log_out
+        redirect_to root_path
+      end
+    end

app/controllers/users_controller.rb

@@ -0,0 +1,28 @@
+class UsersController < ApplicationController
+    def show
+        @user = User.find_by id: params[:id]
+        unless @user
+        flash[:error] = "User not found."
+        redirect_to root_path and return
+    end
+  end
+    def new
+      @user = User.new
+    end
+        def create
+            @user = User.new(user_params)
+            #byebug
+            if @user.save
+              # do something
+              log_in @user
+              flash[:success] = "User created successufully!"
+              redirect_to @user
+            else
+              render :new
+            end
+          end
+          private
+            def user_params
+            params.require(:user).permit(:name, :email, :password, :password_confirmation, :birthday, :gender)
+          end
+end