Class: Cms::SessionsController

Inherits:
ApplicationController show all
Defined in:
app/controllers/cms/sessions_controller.rb

Overview

This controller handles the login/logout function of the site.

Instance Method Summary collapse

Methods included from PageHelper

#able_to?, #cms_toolbar, #container, #container_has_block?, #current_page, #page_title, #render_breadcrumbs, #render_portlet

Methods included from PathHelper

#cms_connectable_path, #cms_index_path_for, #cms_index_url_for, #cms_new_path_for, #cms_new_url_for, #edit_cms_connectable_path

Methods included from ErrorHandling

#handle_access_denied, #handle_server_error, included

Instance Method Details

#createObject 



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'app/controllers/cms/sessions_controller.rb', line 11

def create
  logout_keeping_session!
  user = User.authenticate(params[:login], params[:password])
  if user
    # Protects against session fixation attacks, causes request forgery
    # protection if user resubmits an earlier form using back
    # button. Uncomment if you understand the tradeoffs.
    # reset_session
    self.current_user = user
    new_cookie_flag = (params[:remember_me] == "1")
    handle_remember_cookie! new_cookie_flag
    flash[:notice] = "Logged in successfully"
    if params[:success_url] # Coming from login portlet
      redirect_to((!params[:success_url].blank? && params[:success_url]) || session[:return_to] || "/")
      session[:return_to] = nil
    else
      redirect_back_or_default(cms_home_url)
    end
  else
    
    @login       = params[:login]
    @remember_me = params[:remember_me]
    flash[:login_error] = "Log in failed"
    if params[:success_url] # Coming from login portlet
      if params[:success_url].blank?
        success_url = session[:return_to] || "/"
      else
        success_url = params[:success_url]
      end
      flash[:login] = params[:login]
      flash[:remember_me] = params[:remember_me]
      flash[:success_url] = success_url
      redirect_to request.referrer
    else
      render :action => "new"
    end
  end
end

#destroyObject 



50
51
52
53
 
# File 'app/controllers/cms/sessions_controller.rb', line 50

def destroy
  logout_user
  redirect_back_or_default("/")
end

#newObject 



7
8
9
 
# File 'app/controllers/cms/sessions_controller.rb', line 7

def new

end