Class: Users::SessionsController

Inherits:

Devise::SessionsController

Object
Devise::SessionsController
Users::SessionsController

show all

Defined in:: app/controllers/users/sessions_controller.rb

Overview

require “uri”

Instance Method Summary collapse

#create ⇒ Object

Creates a new session for the user and allows them access to the platform.

Instance Method Details

#create ⇒ `Object`

Creates a new session for the user and allows them access to the platform

# File 'app/controllers/users/sessions_controller.rb', line 38

def create

    # search for a existing user 
    user = ::Lesli::User.find_for_database_authentication(email: sign_in_params[:email])        

    # respond with a no valid credentials generic error if not valid user found
    unless user
        danger(I18n.t("lesli.users/sessions.message_invalid_credentials"))
        redirect_to user_session_path(:r => sign_in_params[:redirect]) and return 
    end

    # save a invalid credentials log for the requested user
    activity = user.activities.new({ title: "session_create", description:"atempt" })

    # check password validation
    unless user.valid_password?(sign_in_params[:password])

        # save a invalid credentials log for the requested user
        activity.update(description: "invalid_credentials")

        # respond with a no valid credentials generic error if not valid user found
        danger(I18n.t("lesli.users/sessions.message_invalid_credentials"))
        redirect_to user_session_path(:r => sign_in_params[:redirect]) and return 
    end

    # check if user meet requirements to create a new session
    Lesli::UsersValidator.new(user).valid? do |valid, failures|

        # if user do not meet requirements to login
        unless valid

            activity.update(description: failures.join(", "))

            danger(failures.join(", "))
            redirect_to user_session_path(:r => sign_in_params[:redirect]) and return 
        end
    end


    # remember the user (not enabled by default)
    # remember_me(user) if sign_in_params[:remember_me] == '1'


    # create a new session for the user
    current_session = Lesli::User::SessionService.new(user)
    .create(get_user_agent(false), request.remote_ip)
    .result

    # make session id globally available
    session[:user_session_id] = current_session[:id]

    # create a new multi factor authentication service instance for the current user 
    #mfa_service = User::MfaService.new(user, log)

    # generate a new mfa for the current session (if enabled)
    #mfa_service.generate do |success|
        # mfa was successfully generated, return the user to the mfa page
        # return respond_with_successful({ default_path: "mfa" }) if success
    #end 

    # do a user login
    sign_in(:user, user)

    # create a log for login atempts
    activity.update({ 
        title: "session_create", 
        description: "successful", 
        session_id: current_session[:id] 
    })

    # respond successful and send the path user should go
    #respond_with_successful({ default_path: user.has_role_with_default_path?() })
    #respond_with_successful({ default_path: Lesli.config.path_after_login || "/" })
    redirect_to(safe_redirect_path(sign_in_params[:redirect]))
end

Class: Users::SessionsController

Overview

Instance Method Summary collapse

Instance Method Details

#create ⇒ Object

#create ⇒ `Object`