Class: QuoVadis::SessionsController

Inherits:

ApplicationController

• Object
• ApplicationController
• QuoVadis::SessionsController

Defined in:

app/controllers/quo_vadis/sessions_controller.rb

Instance Method Summary

• #accept ⇒ Object

  POST activation_path /sign-in/accept/:token.

• #create ⇒ Object

  POST sign_in_path.

• #destroy ⇒ Object

  GET sign_out_path.

• #edit ⇒ Object

  GET change_password_path /sign-in/change-password/:token.

• #forgotten ⇒ Object

  GET forgotten_sign_in_path POST forgotten_sign_in_path.

• #invite ⇒ Object

  GET invitation_path /sign-in/invite/:token.

• #invite_to_activate(user, data = {}) ⇒ Object

  Invites a user to set up their sign-in credentials.

• #new ⇒ Object

  GET sign_in_path.

• #update ⇒ Object

  PUT change_password_path /sign-in/change-password/:token.

Instance Method Details

#accept ⇒ Object

POST activation_path /sign-in/accept/:token

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 100

def accept
  if (@user = QuoVadis.model_class.valid_token(params[:token]).first)
    @user.username, @user.password = params[:username], params[:password]
    # When we create a user who must activate their account, we give them
    # a random username and password.  However we want to treat them as if
    # they weren't set at all.
    @user.password_digest = nil if params[:password].blank?
    if @user.save
      @user.clear_token
      flash_if_present :notice, 'quo_vadis.flash.activation.accepted'
      sign_in @user
    else
      flash_if_present :alert, 'quo_vadis.flash.activation.invalid_credentials', :now
      render 'sessions/invite'
    end
  else
    invalid_token :activation
  end
end

#create ⇒ Object

POST sign_in_path

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 11

def create
  if blocked?
    flash_if_present :alert, 'quo_vadis.flash.sign_in.blocked', :now
    render 'sessions/new'
  elsif user = QuoVadis.model_class.authenticate(params[:username], params[:password])
    flash_if_present :notice, 'quo_vadis.flash.sign_in.after'
    sign_in user
  else
    QuoVadis.failed_sign_in_hook self
    flash_if_present :alert, 'quo_vadis.flash.sign_in.failed', :now
    render 'sessions/new'
  end
end

#destroy ⇒ Object

GET sign_out_path

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 26

def destroy
  QuoVadis.signed_out_hook send(:"current_#{QuoVadis.model_instance_name}"), self
  self.send :"current_#{QuoVadis.model_instance_name}=", nil
  flash_if_present :notice, 'quo_vadis.flash.sign_out'
  redirect_to QuoVadis.signed_out_url(self)
end

#edit ⇒ Object

GET change_password_path /sign-in/change-password/:token

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 58

def edit
  if QuoVadis.model_class.valid_token(params[:token]).first
    render 'sessions/edit'
  else
    invalid_token :forgotten
  end
end

#forgotten ⇒ Object

GET forgotten_sign_in_path POST forgotten_sign_in_path

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 35

def forgotten
  if request.get?
    render 'sessions/forgotten'
  elsif request.post?
    if params[:username].present? &&
        (user = QuoVadis.model_class.where(:username => params[:username]).first)
      if user.email.present?
        user.generate_token!
        QuoVadis::Notifier.change_password(user).deliver
        flash_if_present :notice, 'quo_vadis.flash.forgotten.sent_email'
        redirect_to :root
      else
        flash_if_present :alert, 'quo_vadis.flash.forgotten.no_email', :now
        render 'sessions/forgotten'
      end
    else
      flash_if_present :alert, 'quo_vadis.flash.forgotten.unknown', :now
      render 'sessions/forgotten'
    end
  end
end

#invite ⇒ Object

GET invitation_path /sign-in/invite/:token

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 87

def invite
  if (@user = QuoVadis.model_class.valid_token(params[:token]).first)
    # When we create a user who must activate their account, we give them
    # a random username and password.  However we want to treat them as if
    # they weren't set at all.
    @user.username = nil
    render 'sessions/invite'
  else
    invalid_token :activation
  end
end

#invite_to_activate(user, data = {}) ⇒ Object

Invites a user to set up their sign-in credentials.

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 121

def invite_to_activate(user, data = {})
  return false if user.email.blank?
  user.generate_token!
  QuoVadis::Notifier.invite(user, data).deliver
  true
end

#new ⇒ Object

GET sign_in_path

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 6

def new
  render 'sessions/new'
end

#update ⇒ Object

PUT change_password_path /sign-in/change-password/:token

# File 'app/controllers/quo_vadis/sessions_controller.rb', line 67

def update
  if (user = QuoVadis.model_class.valid_token(params[:token]).first)
    if params[:password].present?
      user.password = params[:password]
      if user.save
        user.clear_token
        flash_if_present :notice, 'quo_vadis.flash.forgotten.password_changed'
        sign_in user
      else
        render 'sessions/edit'
      end
    else
      render 'sessions/edit'
    end
  else
    invalid_token :forgotten
  end
end