Class: DeviseTokenAuth::SessionsController

Inherits:

ApplicationController

• Object
• DeviseController
• ApplicationController
• DeviseTokenAuth::SessionsController

Defined in:

app/controllers/devise_token_auth/sessions_controller.rb

Instance Method Summary

• #create ⇒ Object
• #destroy ⇒ Object
• #new ⇒ Object

Methods inherited from ApplicationController

#resource_data, #resource_errors

Instance Method Details

#create ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 13

def create
  # Check
  field = (resource_params.keys.map(&:to_sym) & resource_class.authentication_keys).first

  @resource = nil
  if field
    q_value = get_case_insensitive_field_from_resource_params(field)

    @resource = find_resource(field, q_value)
  end

  if @resource && valid_params?(field, q_value) && (!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
    valid_password = @resource.valid_password?(resource_params[:password])
    if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password
      return render_create_error_bad_credentials
    end
    @token = @resource.create_token
    @resource.save

    sign_in(:user, @resource, store: false, bypass: false)

    yield @resource if block_given?

    render_create_success
  elsif @resource && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
    if @resource.respond_to?(:locked_at) && @resource.locked_at
      render_create_error_account_locked
    else
      render_create_error_not_confirmed
    end
  else
    render_create_error_bad_credentials
  end
end

#destroy ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 48

def destroy
  # remove auth instance variables so that after_action does not run
  user = remove_instance_variable(:@resource) if @resource
  client = @token.client if @token.client
  @token.clear!

  if user && client && user.tokens[client]
    user.tokens.delete(client)
    user.save!

    yield user if block_given?

    render_destroy_success
  else
    render_destroy_error
  end
end

#new ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 9

def new
  render_new_error
end