class AccountController < ApplicationController observer :user_observer

1. class AccountController < ApplicationController
2.  
3. observer :user_observer
4. # If you want "remember me" functionality, add the this before_filter uncommended to Application Controller
5. # before_filter :login_from_cookie
6.  
7. # the below method is to be deleted, It's from Authentication module
8. # def logged_in?
9. # (@current_user ||= session[:user] ? User.find_by_id(session[:user]) : :false).is_a?(User)
10. # end
11. def index
12. redirect_to(:action => 'signup') unless logged_in? || User.count > 0
13. end
14.  
15. def login
16. return unless request.post?
17. self.current_user = User.authenticate(params[:login], params[:password])
18. if current_user
19. if params[:remember_me] == "1"
20. self.current_user.remember_me
21. cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
22. end
23. redirect_back_or_default(:controller => '/contract', :action => 'index')
24. flash[:notice] = "Logged in successfully as #{ current_user.login }"
25. else
26. flash[:notice] = "Either the username or password are incorrect."
27. end
28. end
29.  
30. def signup
31. @user = User.new(params[:user])
32. return unless request.post?
33. if @user.save
34. redirect_back_or_default(:controller => 'contract', :action => 'index')
35. flash[:notice] = "Thank You for applying for membership."
36. end
37. end
38.  
39. def logout
40. self.current_user.forget_me if logged_in?
41. cookies.delete :auth_token
42. reset_session
43. flash[:notice] = "You have been logged out."
44. redirect_back_or_default(:controller => '/account', :action => 'index')
45. end
46.  
47. def change_password
48. return unless request.post?
49. if User.authenticate(current_user.login, params[:old_password])
50. if (params[:password] == params[:password_confirmation])
51. # why is this attrribute set? it seems redundant
52. current_user.password_confirmation = params[:password_confirmation]
53. current_user.password = params[:password]
54. # somehow, this save is setting activated_at to null
55. flash[:notice] = current_user.save ?
56. "Password changed" :
57. "Password not changed"
58. else
59. flash[:notice] = "Password mismatch"
60. @old_password = params[:old_password]
61. end
62. else
63. flash[:notice] = "Wrong password"
64. end
65. end
66.  
67.  
68. def activate
69. if params[:activation_code]
70. @user = User.find_by_activation_code(params[:activation_code])
71.  
72. if @user and @user.activate
73. self.current_user = @user
74. redirect_back_or_default(:controller => '/account', :action => 'index')
75. flash[:notice] = "Your account has been activated."
76. else
77. flash[:error] = "Unable to activate the account. Did you provide the correct information?"
78. end
79. else
80. flash.clear
81. end
82. end
83. end