Class: Authorio::SessionsController

Inherits:

AuthorioController

• Object
• ActionController::Base
• AuthorioController
• Authorio::SessionsController

Defined in:

app/controllers/authorio/sessions_controller.rb

Instance Method Summary

• #create ⇒ Object

  POST /session.

• #destroy ⇒ Object

  DELETE /session.

• #new ⇒ Object

  GET /session/new.

Methods inherited from AuthorioController

#authorized?, #current_user, #index, #logged_in?, #profile_url, #rememberable?, #user_scope_description, #user_session

Instance Method Details

#create ⇒ Object

POST /session

# File 'app/controllers/authorio/sessions_controller.rb', line 11

def create
  user = User.find_by_username! auth_user_params[:username]
  raise Exceptions::InvalidPassword unless user.authenticate(auth_user_params[:password])

  write_session_cookie(user) if auth_user_params[:remember_me]
  # Even if we don't have a permanent remember-me session, we make a temporary session
  session[:user_id] = user.id
  redirect_to edit_user_path(user)
rescue Exceptions::InvalidPassword
  redirect_back_with_error 'Incorrect password. Try again.'
end

#destroy ⇒ Object

DELETE /session

# File 'app/controllers/authorio/sessions_controller.rb', line 24

def destroy
  reset_session
  if (cookie = cookies.encrypted[:user]) && (session = Session.find_by_cookie(cookie))
    cookies.delete :user
    session.destroy
  end
  redirect_to new_session_path
end

#new ⇒ Object

GET /session/new

# File 'app/controllers/authorio/sessions_controller.rb', line 6

def new
  @session = Session.new(authorio_user: User.first)
end