Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- def login
- # Check that the use is not already logged in
- unless session[:rbac_user].nil?
- redirect_with_notice_or_render 'You are already logged in.',
- 'active_rbac/login/already_logged_in'
- return
- end
- # Set the location to redirect to in the session if it was passed in through
- # a parameter and none is stored in the session.
- if session[:return_to].nil? and !params[:return_to].nil?
- session[:return_to] = params[:return_to]
- end
- # Simply render the login form on everything but POST.
- logger.info "Log: " + request.method.to_s
- return unless request.method == :post
- # Handle the login request otherwise.
- @errors = Array.new
- # If login or password is missing, we can stop processing right away.
- raise ActiveRecord::RecordNotFound if params[:login].to_s.empty? or params[:password].to_s.empty?
- # Try to log the user in.
- user = User.find_with_credentials(params[:login], params[:password])
- # Check whether a user with these credentials could be found.
- raise ActiveRecord::RecordNotFound unless not user.nil?
- # Check that the user has the correct state
- raise ActiveRecord::RecordNotFound unless User.state_allows_login?(user.state)
- # Write the user into the session object.
- write_user_to_session(user)
- session[:return_to] = '/articles'
- redirect_with_notice_or_render 'You have logged in successfully.',
- 'active_rbac/login/login_success'
- rescue ActiveRecord::RecordNotFound
- # Add an error and let the action render normally.
- @errors << 'Invalid user name or password!'
- end
- def redirect_with_notice_or_render(notice, template)
- if session[:return_to].nil?
- render :template => template
- else
- flash[:notice] = notice
- redirect_to session[:return_to]
- session[:return_to] = nil
- end
- end
Add Comment
Please, Sign In to add comment