require "erb"
require "openid"
require "yadis"
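# Login / logout controller supporting two sign-in paths: e-mail + password
# and OpenID. Helpers such as using_open_id?, authenticate_with_open_id,
# logged_in?, current_user and redirect_back_or_default are not defined in
# this file; they are presumably supplied by ApplicationController or a
# plugin -- confirm there.
class SessionsController < ApplicationController

  # Login form. No body: the action falls through to the default render.
  def new
  end

  # Starts a login. Dispatches to the OpenID flow when using_open_id? says
  # so, otherwise to e-mail/password authentication.
  #
  # NOTE(review): nothing in this file rotates the session id when a user
  # becomes authenticated. Unless current_user= does it elsewhere, consider
  # resetting the session on login (carrying over only the return-to
  # location) to close off session fixation -- confirm.
  def create
    if using_open_id?
      # NOTE(review): the OpenID URL is taken straight from the request;
      # presumably the OpenID library performs discovery against it, i.e.
      # a server-side fetch of a user-chosen URL -- confirm egress limits.
      open_id_authentication(params[:openid_url])
    else
      password_authentication(params[:email], params[:password])
    end
  end

  # Logs the current user out: drops the server-side remember-me state,
  # deletes the auth_token cookie and resets the session before redirecting.
  def destroy
    current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:notice] = "You have been logged out."
    redirect_back_or_default('/')
  end

  protected

  # Runs the OpenID flow for +openid_url+. On success the user is looked up
  # by identity URL, or created from the registration data on first login,
  # and then logged in. On failure the provider's message is shown on the
  # OpenID login page.
  #
  # A validation failure while saving a new user (save! raising
  # ActiveRecord::RecordInvalid) is reported through flash[:error].
  def open_id_authentication(openid_url)
    authenticate_with_open_id(openid_url, :required => [:nickname, :email], :optional => [:fullname]) do |result, identity_url, registration|
      if result.successful?
        @user = User.find_or_initialize_by_identity_url(identity_url)
        if @user.new_record?
          # NOTE(review): nickname, fullname and email are whatever the
          # OpenID provider asserts, and the account is activated right
          # away. Treat the e-mail as unverified unless the provider is
          # trusted -- confirm this is intended.
          @user.login    = registration['nickname']
          @user.fullname = registration['fullname']
          @user.email    = registration['email']
          @user.save!
          @user.activate
        end
        self.current_user = @user
        successful_login
      else
        failed_login result.message, 'openid'
      end
    end
  rescue ActiveRecord::RecordInvalid
    # The flash message is HTML, and both interpolated values originate
    # outside the application (provider-supplied nickname, user-chosen
    # identity URL). Escape them and quote the href attribute so that they
    # cannot inject markup or extra attributes when the flash is rendered.
    # NOTE(review): any validation failure lands here, not only a duplicate
    # login, so the wording can be misleading.
    escaped_login = ERB::Util.html_escape(@user.login)
    escaped_url   = ERB::Util.html_escape(@user.identity_url)
    flash[:error] = "This login (<strong>#{escaped_login}</strong>) already exists, please <a href=\"#{escaped_url}\">choose a different persona or modify the current one</a>"

    redirect_to login_path(:method => 'openid')
  end

  # Authenticates by e-mail and password via User.authenticate and assigns
  # the result to current_user. The failure message is deliberately the
  # same whichever of the two credentials was wrong.
  def password_authentication(email, password)
    self.current_user = User.authenticate(email, password)
    if logged_in?
      successful_login
    else
      failed_login("Username/password didn't match, please try again.")
    end
  end

  # Reports a failed login.
  #
  # message - text shown to the user.
  # method  - '' re-renders the login form in this request; any other value
  #           redirects to login_path with that value as :method.
  def failed_login(message = "Authentication failed.", method = "")
    if method == ''
      # Rendering in the same request, so the message must not persist.
      flash.now[:error] = message
      render :action => 'new'
    else
      flash[:error] = message
      redirect_to login_path(:method => method)
    end
  end

  # Completes a login: issues the remember-me cookie when the form sent
  # remember_me=1, then redirects back with a notice.
  def successful_login
    if params[:remember_me] == "1"
      current_user.remember_me
      # NOTE(review): the cookie is written with value and expiry only.
      # Confirm whether this framework version can mark it HttpOnly and
      # Secure, since it acts as a long-lived credential.
      cookies[:auth_token] = {
        :value   => current_user.remember_token,
        :expires => current_user.remember_token_expires_at
      }
    end
    flash[:notice] = "Logged in successfully"
    redirect_back_or_default('/')
  end

end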