Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # This controller handles the login/logout function of the site.
- class SessionController < ApplicationController
- include AuthenticatedSystem
- # render new.rhtml
- def new
- end
- def create
- if using_open_id?
- open_id_authentication(params[:openid_url])
- else
- password_authentication(params[:email], params[:password])
- end
- end
- def destroy
- self.current_user.forget_me if logged_in?
- cookies.delete :auth_token
- reset_session
- flash[:notice] = "You have been logged out."
- redirect_back_or_default('/')
- end
- protected
- def open_id_authentication(openid_url)
- authenticate_with_open_id(openid_url, :required => [:email]) do |result, identity_url, registration|
- if result.successful?
- @user = User.find_or_initialize_by_identity_url(identity_url)
- if @user.new_record?
- @user.email = registration['email']
- # validate
- if @user.save
- self.current_user = @user
- successful_login
- else
- flash[:notice] = "Account creation failed. Are you already registered with that email address?"
- end
- end
- else
- failed_login result.message
- end
- end
- end
- def password_authentication(email, password)
- self.current_user = User.authenticate(email, password)
- if logged_in?
- successful_login
- else
- failed_login
- end
- end
- def failed_login(message = "Authentication failed.")
- flash.now[:error] = message
- render :action => 'new'
- end
- def successful_login
- if params[:remember_me] == "1"
- self.current_user.remember_me
- cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
- end
- redirect_back_or_default('/')
- flash[:notice] = "Logged in successfully"
- end
- end
Add Comment
Please, Sign In to add comment