class AccountController < ApplicationController layout "main" observer :

1. class AccountController < ApplicationController
2. layout "main"
3.  
4. observer :user_observer
5.  
6. # say something nice, you goof! something sweet.
7. def index
8. if logged_in?
9. redirect_to(:action => 'index', :controller => 'app')
10. else
11. redirect_to(:action => 'signup') unless logged_in? || User.count > 0
12. end
13. end
14.  
15. def login
16. return unless request.post?
17. self.current_user = User.authenticate(params[:login], params[:password])
18. if logged_in?
19. if params[:remember_me] == "1"
20. self.current_user.remember_me
21. cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
22. end
23. redirect_back_or_default(:controller => '/app', :action => 'index')
24. #flash[:notice] = "Logged in successfully"
25. else
26. flash[:error] = "Sorry, but you entered the wrong login or password."
27. end
28. end
29.  
30. def signup
31. @user = User.new(params[:user])
32. return unless request.post?
33. @user.save!
34. #self.current_user = @user
35. redirect_back_or_default(:controller => '/account', :action => 'step_two')
36. flash[:notice] = "Thanks for signing up!"
37. rescue ActiveRecord::RecordInvalid
38. render :action => 'signup'
39. end
40.  
41. def logout
42. self.current_user.forget_me if logged_in?
43. cookies.delete :auth_token
44. reset_session
45. flash[:notice] = "You have been logged out."
46. redirect_back_or_default(:controller => '/')
47. end
48.  
49. def activate
50. @user = User.find_by_activation_code(params[:id])
51. if @user and @user.activate
52. self.current_user = @user
53. redirect_back_or_default(:controller => '/account', :action => 'index')
54. flash[:notice] = "Your account has been activated."
55. end
56. end
57.  
58. def step_two
59.  
60. end
61.  
62. def forgot_password
63. return unless request.post?
64. if @user = User.find_by_login(params[:login])
65. @user.forgot_password
66. @user.save
67. flash[:success] = "A password reset link has been sent to your email address"
68. redirect_back_or_default(:controller => '/account', :action => 'login')
69. else
70. flash[:error] = "Could not find a user with that email address"
71. end
72.  
73.  
74. end
75.  
76. def reset_password
77. @user = User.find_by_password_reset_code(params[:id])
78. return if @user unless params[:password]
79. if (params[:password] == params[:password_confirmation])
80. self.current_user = @user #for the next two lines to work
81. current_user.password_confirmation = params[:password_confirmation]
82. current_user.password = params[:password]
83. @user.reset_password
84. flash[:notice] = current_user.save ? "Password reset" : "Password not reset"
85. else
86. flash[:notice] = "Password mismatch"
87. end
88. redirect_back_or_default(:controller => '/account', :action => 'index')
89. end
90.  
91. end