Class: LoginController

Inherits:
ApplicationController
Defined in:
app/controllers/login_controller.rb

Instance Method Summary

Methods inherited from ApplicationController

#admin_login_required, #all_done_todos_for, #boolean_param, cas_enabled?, #cas_enabled?, #count_deferred_todos, #count_undone_todos, #count_undone_todos_phrase, #done_todos_for, #enable_mobile_content_negotiation, #for_autocomplete, #format_date, #format_dependencies_as_json_for_auto_complete, #handle_unverified_request, #init_data_for_sidebar, #init_not_done_counts, #init_project_hidden_todo_counts, #mobile?, #notify, openid_enabled?, #openid_enabled?, #parse_date_per_user_prefs, prefered_auth?, #prefered_auth?, #redirect_back_or_home, #render_failure, #sanitize, #set_charset, #set_group_view_by, #set_locale, #set_session_expiration, #set_time_zone, #set_zindex_counter, #todo_xml_params

Methods included from LoginSystem

#access_denied, #authorize?, #basic_auth_denied, #current_user, #get_basic_auth_data, #get_current_user, #logged_in?, #login_from_cookie, #login_optional, #login_or_feed_token_required, #login_required, #logout_user, #prefs, #protect?, #redirect_back_or_default, #redirect_to_login, #set_current_user, #store_location

Instance Method Details

#check_expiry ⇒ Object



# File 'app/controllers/login_controller.rb', line 36

# Polling endpoint that reports whether the session is close to timing out.
#
# Called by periodically_call_remote. It only computes @session_expired for
# the JS response; nothing in this method ends or invalidates the session,
# so the flag is a client-side notice and not the timeout enforcement itself.
def check_expiry
  if session
    # Sessions that opted out of expiry get no warning. Note that this exits
    # before the explicit respond_to below is reached.
    return unless should_expire_sessions?

    # With no recorded expiry time, assume the session lapses ten seconds from now.
    deadline = session['expiry_time'] || (Time.now + 10)
    seconds_remaining = deadline - Time.now
    # True when the session will time out before the next check (ten minutes).
    @session_expired = seconds_remaining < 10 * 60
  end

  respond_to { |format| format.js }
end

#handle_post_failure ⇒ Object (private)



# File 'app/controllers/login_controller.rb', line 70

# Handles a rejected login POST.
#
# The same translated warning is used for every failure, so the message text
# itself does not say whether the login name or the password was wrong.
def handle_post_failure
  # Request-supplied value kept in an instance variable, presumably so the
  # login form can show it again. NOTE(review): any view that prints @login
  # must escape it; confirm against the template.
  @login = params['user_login']
  warning_text = t('login.unsuccessful')
  notify(:warning, warning_text)
end

#handle_post_success ⇒ Object (private)



# File 'app/controllers/login_controller.rb', line 55

def handle_post_success
  # Completes a successful login: records the user in the session, stores the
  # expiry preference, sets the login cookies and redirects.
  #
  # NOTE(review): no reset_session call is visible in this method, so the
  # session identifier appears to survive the change from anonymous to
  # authenticated. Confirm it is rotated elsewhere; if not, rotate it before
  # storing user_id (session-fixation hardening) while keeping whatever
  # redirect_back_or_home needs from the old session.
  session['user_id'] = @user.id
  # If checkbox on login page checked, we don't expire the session after 1 hour
  # of inactivity and we remember this user for future browser sessions
  # The raw request parameter is stored as-is; should_expire_sessions? treats
  # only the exact string "on" as opting out of expiry.
  session['noexpiry'] = params['user_noexpiry']
  # The "1 hour" wording is fixed text; the real timeout is not set in this method.
  msg = (should_expire_sessions?) ? "will expire after 1 hour of inactivity." : "will not expire."
  notify :notice, "Login successful: session #{msg}"
  # NOTE(review): the :value expression on the next line is cut off in this
  # listing (the text after "@user." is missing), so the line is not valid
  # Ruby as shown. The cookie lasts one year and takes its :secure flag from
  # SITE_CONFIG['secure_cookies'].
  cookies[:tracks_login] = { :value => @user., :expires => Time.now + 1.year, :secure => SITE_CONFIG['secure_cookies'] }
  unless should_expire_sessions?
    # Remember-me path: only taken when the user opted out of session expiry.
    @user.remember_me
    # NOTE(review): this cookie carries a long-lived authentication token and
    # sets no :httponly option, so page scripts can read it. If only
    # server-side code consumes it, add :httponly => true. The :secure flag is
    # configuration-dependent; confirm it is enabled wherever the site is
    # served over HTTPS.
    cookies[:auth_token] = { :value => @user.remember_token , :expires => @user.remember_token_expires_at, :secure => SITE_CONFIG['secure_cookies'] }
  end
  redirect_back_or_home
end

#login ⇒ Object



# File 'app/controllers/login_controller.rb', line 11

# Login action: authenticates on POST, shows the login form otherwise.
#
# NOTE(review): this listing has lost the method name after `def` and the
# argument of the redirect_to call below; the documentation heading for this
# entry names the method `login`. The code is reproduced as shown.
def 
  @page_title = "TRACKS::Login"
  # Store the result of prefered_auth? in a cookie, but only when the browser
  # has not sent that cookie already.
  cookies[:preferred_auth] = prefered_auth? unless cookies[:preferred_auth]
  case request.method
  when 'POST'
    # Assignment inside the condition is deliberate: a truthy result from
    # User.authenticate becomes @user and counts as success.
    # NOTE(review): no attempt throttling or lockout is visible in this
    # action; confirm it is enforced in User.authenticate or upstream.
    if @user = User.authenticate(params['user_login'], params['user_password'])
      # Success sets session and cookies and redirects, so return before the render below.
      return handle_post_success
    else
      # Failure falls through to re-render the login form with a warning.
      handle_post_failure
    end
  when 'GET'
    # When no users exist yet, redirect instead of rendering the form
    # (redirect target missing from this listing).
    if User.no_users_yet?
      return redirect_to 
    end
  end
  # Any other request method, a failed POST, and a normal GET all end up here.
  respond_to do |format|
    format.html
    # Mobile format renders the same 'login' action with the 'mobile' layout.
    format.m   { render :action => 'login', :layout => 'mobile' }
  end
end

#logout ⇒ Object



# File 'app/controllers/login_controller.rb', line 32

# Logout action. It does no work of its own and hands everything to
# logout_user, which the LoginSystem mixin provides.
# NOTE(review): whether logout_user clears the session and the auth_token
# cookie cannot be seen from here; confirm in LoginSystem.
def logout
  logout_user()
end

#should_expire_sessions? ⇒ Boolean (private)



# File 'app/controllers/login_controller.rb', line 75

# Whether the current session is subject to expiry.
#
# Only the exact string "on" stored under session['noexpiry'] opts out; a
# missing key or any other value leaves expiry enabled.
def should_expire_sessions?
  opted_out = (session['noexpiry'] == "on")
  !opted_out
end