Class: Caboose::LoginController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Caboose::LoginController

Defined in:

app/controllers/caboose/login_controller.rb

Instance Method Summary

• #forgot_password_form ⇒ Object
• #index ⇒ Object
• #login ⇒ Object
• #reset_password ⇒ Object
• #reset_password_form ⇒ Object
• #send_reset_email ⇒ Object

Methods inherited from ApplicationController

#add_ga_event, #admin_add, #admin_bulk_add, #admin_bulk_delete, #admin_bulk_update, #admin_delete, #admin_edit, #admin_index, #admin_json, #admin_json_single, #admin_update, #before_action, #before_before_action, #hashify_query_string, #init_cart, #logged_in?, #logged_in_user, #login_user, #logout_user, #parse_url_params, #reject_param, #under_construction_or_forwarding_domain?, #user_is_allowed, #user_is_allowed_to, #validate_cookie, #validate_token, #var, #verify_logged_in

Instance Method Details

#forgot_password_form ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 51

def forgot_password_form
  @return_url = params[:return_url].nil? ? "/" : params[:return_url]
  @modal = params[:modal].nil? ? false : params[:modal]
  redirect_to @return_url if logged_in?
  render :layout => Caboose::login_layout
end

#index ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 6

def index
  if params[:logout]
    logout_user
    elo = User.find(User::LOGGED_OUT_USER_ID)        
    login_user(elo)
  end      
  @return_url = params[:return_url].nil? ? "/" : params[:return_url]
  @modal = params[:modal].nil? ? false : params[:modal]
  redirect_to @return_url and return if logged_in?
  render :layout => Caboose::login_layout
end

#login ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 19

def login      
  resp = StdClass.new('error' => '', 'redirect' => '')
  return_url = params[:return_url].nil? ? "/" : params[:return_url]
  
  if logged_in?
    resp.redirect = return_url
  else
    username = params[:username].downcase
    password = params[:password]
                       
    if username.nil? || password.nil? || password.strip.length == 0
      resp.error = "Invalid credentials"
    else          
      bouncer_class = Caboose::authenticator_class.constantize
      bouncer = bouncer_class.new
      login_resp = bouncer.authenticate(username, password, @site, request)
      
      if login_resp.error
        resp.error = login_resp.error
      else
        remember = params[:remember] && (params[:remember] == 1 || params[:remember] == "1")            
        login_user(login_resp.user, remember)            
        #resp.redirect = return_url
        resp.redirect = Caboose.plugin_hook('login_success', return_url, login_resp.user)
        resp.modal = false                        
      end
    end
  end
  render :json => resp      
end

#reset_password ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 103

def reset_password
   @return_url = params[:return_url].nil? ? "/" : params[:return_url]
   redirect_to @return_url if logged_in?
   
   resp = Caboose::StdClass.new
	
  reset_id = params[:id]
  pass1    = params[:pass1]
  pass2    = params[:pass2]
  
  if reset_id.nil? || reset_id.strip.length == 0
    resp.error = "No reset ID was given."
  else
    user = Caboose::User.user_for_reset_id(reset_id)
  	
  	if user.nil?
  	  resp.error = "The given reset ID is invalid."
  	elsif pass1 != pass2
  		resp.error = "Passwords don't match."
  	elsif pass1.length < 8
  	  resp.error = "Passwords must be at least 8 characters"
  	else          
  	  user.password = Digest::SHA1.hexdigest(Caboose::salt + pass1)
  	  user.password_reset_id = ''
  	  user.password_reset_sent = ''
  	  user.save
  		resp.redirect = '/login'
  	end
  	
  end
  render :json => resp
end

#reset_password_form ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 93

def reset_password_form
@return_url = params[:return_url].nil? ? "/" : params[:return_url]
  redirect_to @return_url if logged_in?
  return
  @reset_id = params[:reset_id]      
  @user = Caboose::User.user_for_reset_id(@reset_id)
  render :layout => Caboose::login_layout
end

#send_reset_email ⇒ Object

# File 'app/controllers/caboose/login_controller.rb', line 59

def send_reset_email
    @return_url = params[:return_url].nil? ? "/" : params[:return_url]
    redirect_to @return_url if logged_in?
  
    resp = Caboose::StdClass.new		      		
    username = params[:username]
    
  if username.nil? || username.strip.length == 0       
  	resp.error = "You must enter a username."
      render :json => resp		  	
  	return
  end
  
  bob = Caboose::User.where(:site_id => @site.id, :username => username).first
  bob = Caboose::User.where(:site_id => @site.id, :email    => username).first if bob.nil?		  
  
  if bob.nil?		
	  resp.error = "The given email or username is not in our system."
	  render :json => resp
	  return
	end
	
  rand = Array.new(20){rand(36).to_s(36)}.join		  
  bob.password_reset_id = rand
  bob.password_reset_sent = DateTime.now
  bob.save
  		  		  
  LoginMailer.configure_for_site(@site.id).forgot_password_email(bob).deliver		  
  		  
  resp.success = "We just sent you an email.  The reset link inside is good for 3 days."
  render :json => resp
end