- ## user_sessions_controller.rb
- class UserSessionsController < ApplicationController
- before_filter :require_no_user, :only => [:new, :create]
- before_filter :require_user, :only => :destroy
- def new
- @user_session = UserSession.new
- end
- def create
- @user_session = UserSession.new(params[:user_session])
- if @user_session.save
- flash[:notice] = "Login successful"
- ## FIXME
- redirect_to @current_user
- else
- render :action => :new
- end
- end
- def destroy
- current_user_session.destroy
- flash[:notice] = "Logout successful"
- redirect_to root_path
- end
- end
- ## application_controller.rb
- # Filters added to this controller apply to all controllers in the application.
- # Likewise, all the methods added will be available for all controllers.
- class ApplicationController < ActionController::Base
- helper :all # include all helpers, all the time
- helper_method :current_user_session, :current_user
- filter_parameter_logging :password, :password_confirmation
- protect_from_forgery # See ActionController::RequestForgeryProtection for details
- private
- def current_user_session
- return @current_user_session if defined?(@current_user_session)
- @current_user_session = UserSession.find
- end
- def current_user
- return @current_user if defined?(@current_user)
- @current_user = current_user_session && current_user_session.record
- end
- def require_user
- unless current_user
- store_location
- flash[:notice] = "You must be logged in to access that page"
- redirect_to login_path
- end
- end
- def require_no_user
- if current_user
- store_location
- flash[:notice] = "You must be logged out to access that page"
- redirect_to current_user
- return false
- end
- end
- def store_location
- session[:return_to] = request.request_uri
- end
- def redirect_back_or_default(default)
- redirect_to(session[:return_to] || default)
- session[:return_to] = nil
- end
- end
Copied
create a new version of this paste
RAW Paste Data