Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class User < ActiveRecord::Base
- protected
- def auth(username, password)
- user = User.find(:first, :conditions => ["username = ?", username])
- return nil if user.nil?
- return user if user.password = password
- nil
- end
- end
- class SessionsController < ApplicationController
- skip_before_filter :login_required
- def new
- end
- def create
- user = User.auth(params[:username], params[:password])
- if user
- session[:user_id] = user.id
- flash[:notice] = "Welcome back, #{user.username}!"
- redirect_to invoices_url
- else
- flash[:error] = "Invalid username/password combination!"
- render :action => :new
- end
- end
- def destroy
- reset_session
- flash[:notice] = "You've been logged out."
- redirect_to new_session_url
- end
- end
Add Comment
Please, Sign In to add comment