Class: SessionsController

Inherits:
ApplicationController
  • Object
Defined in:
lib/generators/resty/setup/templates/sessions_controller.rb

Instance Method Summary collapse

Instance Method Details

#create ⇒ Object



# File 'lib/generators/resty/setup/templates/sessions_controller.rb', line 11

# Authenticates the submitted credentials and, on success, renders the new
# session in the requested format.
#
# Credentials come from params[:authentication] when present, otherwise from
# the top-level params; :login is preferred over :email. When the application
# config responds to :remote_sso_url the session is built through
# Session.create_remote, otherwise through Session.create.
#
# Answers with head :unauthorized when the resulting session is not valid.
#
# NOTE(review): nothing visible in this action rotates the Rails session id
# after a successful login; confirm that current_user(...) or a filter calls
# reset_session so a pre-login session id cannot be carried over (session
# fixation).
def create
  credentials = params[:authentication] || params
  factory = if Rails.application.config.respond_to?(:remote_sso_url)
              :create_remote
            else
              :create
            end
  identifier = credentials[:login] || credentials[:email]
  # factory is one of two fixed symbols chosen from config, never request data.
  @session = Session.send(factory, identifier, credentials[:password])

  # Failed logins stop here with a header-only response.
  return head(:unauthorized) unless @session.valid?

  current_user(@session.user)
  @session.idle_session_timeout = Rails.application.config.idle_session_timeout
  @session.permissions = guard.permissions(groups_for_current_user)

  # TODO make html login
  # NOTE(review): confirm Session#to_xml / #to_json do not serialize the
  # submitted password or other secrets into the response.
  respond_to do |format|
    format.html { render :text => "authorized - but nothing further is implemented" }
    format.xml { render :xml => @session.to_xml }
    format.json { render :json => @session.to_json }
  end
end

#destroy ⇒ Object



# File 'lib/generators/resty/setup/templates/sessions_controller.rb', line 48

# Answers a logout request with a header-only :ok response.
#
# The action itself does not clear the session. Per the original author's
# note, the reset happens in an after filter (not visible here) so that a
# second after filter can still write the username to the audit log.
#
# NOTE(review): confirm that the resetting after filter is registered for
# this action; without it the session would stay valid after logout.
def destroy
  # Kept in @session only so the logging filter can read who logged out.
  @session = current_user

  head(:ok)
end

#reset_password ⇒ Object



# File 'lib/generators/resty/setup/templates/sessions_controller.rb', line 33

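# Triggers a password reset for the account named by :email (preferred) or
# :login inside params[:authentication].
#
# Answers head :ok when User.reset_password returns a user and
# head :not_found otherwise. A request without an :authentication hash, or
# without either identifier, takes the :not_found path and performs no
# lookup. The previous `|| []` fallback raised TypeError when indexed with a
# Symbol.
#
# NOTE(review): the :ok / :not_found split tells an unauthenticated caller
# whether an account exists. Consider a uniform response plus request
# throttling; left unchanged here because clients may rely on the 404.
def reset_password
  authentication = params[:authentication] || {}
  identifier = authentication[:email] || authentication[:login]

  # Never hand a nil identifier to the lookup.
  user = identifier && User.reset_password(identifier)

  if user
    # for the log
    @session = user

    head :ok
  else
    head :not_found
  end
end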