Class: Caboose::LoginController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- Caboose::LoginController
- Defined in:
- app/controllers/caboose/login_controller.rb
Instance Method Summary collapse
-
#forgot_password_form ⇒ Object
GET /login/forgot-password.
-
#index ⇒ Object
GET /login.
-
#login ⇒ Object
POST /login.
-
#reset_password ⇒ Object
POST /login/reset-password.
-
#reset_password_form ⇒ Object
GET /login/reset-password/:reset_id.
-
#send_reset_email ⇒ Object
POST /login/forgot-password.
Methods inherited from ApplicationController
#before_action, #before_before_action, #logged_in?, #logged_in_user, #login_user, #logout_user, #parse_url_params, #reject_param, #user_is_allowed, #user_is_allowed_to, #validate_cookie, #validate_token, #var, #verify_logged_in
Instance Method Details
#forgot_password_form ⇒ Object
GET /login/forgot-password
50 51 52 53 54 |
# File 'app/controllers/caboose/login_controller.rb', line 50 def forgot_password_form @return_url = params[:return_url].nil? ? "/" : params[:return_url] @modal = params[:modal].nil? ? false : params[:modal] redirect_to @return_url if logged_in? end |
#index ⇒ Object
GET /login
6 7 8 9 10 11 12 13 14 15 |
# File 'app/controllers/caboose/login_controller.rb', line 6 def index if params[:logout] logout_user elo = User.find(User::LOGGED_OUT_USER_ID) login_user(elo) end @return_url = params[:return_url].nil? ? "/" : params[:return_url] @modal = params[:modal].nil? ? false : params[:modal] redirect_to @return_url and return if logged_in? end |
#login ⇒ Object
POST /login
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'app/controllers/caboose/login_controller.rb', line 18 def login resp = StdClass.new('error' => '', 'redirect' => '') return_url = params[:return_url].nil? ? "/" : params[:return_url] if logged_in? resp.redirect = return_url else username = params[:username].downcase password = params[:password] if username.nil? || password.nil? || password.strip.length == 0 resp.error = "Invalid credentials" else bouncer_class = Caboose::authenticator_class.constantize bouncer = bouncer_class.new login_resp = bouncer.authenticate(username, password) if login_resp.error resp.error = login_resp.error else remember = params[:remember] && (params[:remember] == 1 || params[:remember] == "1") login_user(login_resp.user, remember) resp.redirect = return_url resp.modal = false Caboose.plugin_hook('login_success', login_resp.user.id) end end end render :json => resp end |
#reset_password ⇒ Object
POST /login/reset-password
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
# File 'app/controllers/caboose/login_controller.rb', line 101 def reset_password @return_url = params[:return_url].nil? ? "/" : params[:return_url] redirect_to @return_url if logged_in? resp = Caboose::StdClass.new reset_id = params[:id] pass1 = params[:pass1] pass2 = params[:pass2] if reset_id.nil? || reset_id.strip.length == 0 resp.error = "No reset ID was given." else user = Caboose::User.user_for_reset_id(reset_id) if user.nil? resp.error = "The given reset ID is invalid." elsif pass1 != pass2 resp.error = "Passwords don't match." elsif pass1.length < 8 resp.error = "Passwords must be at least 8 characters" else user.password = Digest::SHA1.hexdigest(Caboose::salt + pass1) user.password_reset_id = '' user.password_reset_sent = '' user.save resp.redirect = '/login' end end render :json => resp end |
#reset_password_form ⇒ Object
GET /login/reset-password/:reset_id
92 93 94 95 96 97 98 |
# File 'app/controllers/caboose/login_controller.rb', line 92 def reset_password_form @return_url = params[:return_url].nil? ? "/" : params[:return_url] redirect_to @return_url if logged_in? @reset_id = params[:reset_id] @user = Caboose::User.user_for_reset_id(@reset_id) end |
#send_reset_email ⇒ Object
POST /login/forgot-password
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
# File 'app/controllers/caboose/login_controller.rb', line 57 def send_reset_email @return_url = params[:return_url].nil? ? "/" : params[:return_url] redirect_to @return_url if logged_in? resp = Caboose::StdClass.new username = params[:username] if username.nil? || username.strip.length == 0 resp.error = "You must enter a username." render :json => resp return end bob = nil bob = Caboose::User.where(:username => username).first if Caboose::User.where(:username => username).exists? bob = Caboose::User.where(:email => username).first if bob.nil? && bob = Caboose::User.where(:email => username) if bob.nil? resp.error = "The given username is not in our system." render :json => resp return end rand = Array.new(20){rand(36).to_s(36)}.join bob.password_reset_id = rand bob.password_reset_sent = DateTime.now bob.save LoginMailer.forgot_password_email(bob).deliver resp.success = "We just sent you an email. The reset link inside is good for 3 days." render :json => resp end |