2012-06-17 03:15:46 +02:00
|
|
|
class LoginController < ApplicationController
|
2012-07-01 00:43:45 +02:00
|
|
|
before_filter :authenticate_user
|
2012-06-17 03:15:46 +02:00
|
|
|
|
2012-07-01 00:43:45 +02:00
|
|
|
def logout
|
|
|
|
|
if @user
|
|
|
|
|
reset_session
|
2012-06-17 03:15:46 +02:00
|
|
|
end
|
|
|
|
|
|
2012-07-01 00:43:45 +02:00
|
|
|
redirect_to "/"
|
|
|
|
|
end
|
2012-06-17 03:15:46 +02:00
|
|
|
|
2012-07-01 00:43:45 +02:00
|
|
|
def index
|
2012-09-07 16:18:15 +02:00
|
|
|
@title = "Login"
|
2012-06-17 03:15:46 +02:00
|
|
|
render :action => "index"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def login
|
2014-01-12 22:09:32 +01:00
|
|
|
if params[:email].to_s.match(/@/)
|
|
|
|
|
user = User.where(:email => params[:email]).first
|
|
|
|
|
else
|
|
|
|
|
user = User.where(:username => params[:email]).first
|
|
|
|
|
end
|
|
|
|
|
|
2014-01-13 17:12:17 +01:00
|
|
|
if user && user.is_active? &&
|
2013-02-08 17:39:51 +01:00
|
|
|
user.try(:authenticate, params[:password].to_s)
|
2012-06-17 03:15:46 +02:00
|
|
|
session[:u] = user.session_token
|
|
|
|
|
return redirect_to "/"
|
|
|
|
|
end
|
|
|
|
|
|
2012-07-01 20:31:31 +02:00
|
|
|
flash.now[:error] = "Invalid e-mail address and/or password."
|
2012-06-17 03:15:46 +02:00
|
|
|
index
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def forgot_password
|
2012-09-07 16:18:15 +02:00
|
|
|
@title = "Reset Password"
|
2012-06-17 03:15:46 +02:00
|
|
|
render :action => "forgot_password"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def reset_password
|
2013-02-08 17:39:51 +01:00
|
|
|
@found_user = User.where("email = ? OR username = ?", params[:email].to_s,
|
|
|
|
|
params[:email].to_s).first
|
2012-06-17 03:15:46 +02:00
|
|
|
|
|
|
|
|
if !@found_user
|
2012-07-01 20:31:31 +02:00
|
|
|
flash.now[:error] = "Invalid e-mail address or username."
|
2012-06-17 03:15:46 +02:00
|
|
|
return forgot_password
|
|
|
|
|
end
|
|
|
|
|
|
2012-07-03 18:59:50 +02:00
|
|
|
@found_user.initiate_password_reset_for_ip(request.remote_ip)
|
2012-06-17 03:15:46 +02:00
|
|
|
|
2012-07-01 20:31:31 +02:00
|
|
|
flash.now[:success] = "Password reset instructions have been e-mailed " <<
|
|
|
|
|
"to you."
|
2012-06-17 03:15:46 +02:00
|
|
|
return index
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def set_new_password
|
2012-09-07 16:18:15 +02:00
|
|
|
@title = "Reset Password"
|
|
|
|
|
|
2012-06-17 03:15:46 +02:00
|
|
|
if params[:token].blank? ||
|
2013-12-24 04:20:06 +01:00
|
|
|
!(@reset_user = User.where(:password_reset_token => params[:token].to_s).first)
|
2012-06-17 03:15:46 +02:00
|
|
|
flash[:error] = "Invalid reset token. It may have already been " <<
|
|
|
|
|
"used or you may have copied it incorrectly."
|
|
|
|
|
return redirect_to forgot_password_url
|
|
|
|
|
end
|
|
|
|
|
|
2013-02-08 17:39:51 +01:00
|
|
|
if params[:password].present?
|
2012-06-17 03:15:46 +02:00
|
|
|
@reset_user.password = params[:password]
|
|
|
|
|
@reset_user.password_confirmation = params[:password_confirmation]
|
|
|
|
|
@reset_user.password_reset_token = nil
|
|
|
|
|
|
2012-07-01 20:31:31 +02:00
|
|
|
# this will get reset upon save
|
|
|
|
|
@reset_user.session_token = nil
|
|
|
|
|
|
2014-01-13 17:12:17 +01:00
|
|
|
if @reset_user.save && @reset_user.is_active?
|
2012-06-17 03:15:46 +02:00
|
|
|
session[:u] = @reset_user.session_token
|
|
|
|
|
return redirect_to "/"
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
