Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class EmployersController < ApplicationController
- before_filter :authorize, :except => [ :login, :new, :create ]
- def login
- if request.post?
- employer = Employer.authenticate(params[:email], params[:password])
- if employer
- session[:employer_id] = employer.id
- redirect_to(:controller => "employers", :action => "show", :id => employer.id )
- #uri = session[:original_uri]
- #session[:original_uri] = nil
- #redirect_to(uri)
- else
- flash.now[:notice] = "Invalid email/password combination"
- end
- end
- end
- protected
- def authorize
- unless Employer.find_by_id(session[:employer_id])
- flash[:notice] = "Please log in"
- redirect_to :action => "login"
- end
- end
- end
- class Employer < ActiveRecord::Base
- def self.authenticate(email, password)
- employer = self.find_by_email(email)
- if employer
- expected_password = password
- if employer.password != expected_password
- employer = nil
- end
- end
- employer
- end
- end
Add Comment
Please, Sign In to add comment