app/views/layouts/_check_availability.rhtml @@ -7,6 +7,15 @@ class ApplicationController < ActionController::Base # See ActionController::RequestForgeryProtection for details # Uncomment the :secret if you're not using the cookie session store protect_from_forgery # :secret => '707a4952295d1c5b3fb29c6e90697724' + + helper_method :current_user, :logged_in? + def current_user + @current_user ||= User.find_by_id(session[:user_id]) + end + + def logged_in? + current_user != nil + end # See ActionController::Base for details # Uncomment this to filter the contents of submitted sensitive data parameters app/controllers/application.rb @@ -36,6 +36,23 @@ class LoginController < ApplicationController end def login + session[:user_id] = nil + if request.post? + user = User.authenticate(params[:username], params[:password]) + if user + session[:user_id] = user.id + redirect_to(:action => "index", :controller => :login ) + else + flash.now[:error] = "Enter valid username/password" + render(:action => "login" ) + end + end + end + + def logout + session[:user_id] = nil + flash[:notice] = "You have successfully Logged out" + redirect_to(:action => "login" ) end end app/controllers/login_controller.rb @@ -2,6 +2,8 @@ class User < ActiveRecord::Base require 'digest/sha1' validates_presence_of :username, :firstname, :lastname, :email + validates_format_of :email, + :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i validates_uniqueness_of :username, :email attr_accessor :password_confirmation @@ -18,6 +20,17 @@ class User < ActiveRecord::Base self.hashed_password = User.encrypted_password(self.password, self.salt) end + def self.authenticate(username, password) + user = self.find_by_username(username) + if user + expected_password = encrypted_password(password, user.salt) + if user.hashed_password != expected_password + user = nil + end + end + user + end + private def self.encrypted_password(password, salt) app/models/user.rb @@ -1,2 +1,3 @@ <h1>Login#index</h1> -<p>Find me in app/views/login/index.html.erb</p> +<p><%= "welcome #{current_user.username}, u r logged in!"%></p> +<%= link_to 'Logout', :action => "logout", :controller => :login %> app/views/login/index.html.erb @@ -1,2 +1,21 @@ -<h1>Login#login</h1> -<p>Find me in app/views/login/login.html.erb</p> +<div class="loginarea"> + <fieldset> + <legend>Enter Login Details</legend> + <% form_tag do %> + <div> + <p> + <label for="username" class="left" style="width:40%;">UserName:</label> + <%= text_field_tag :username, params[:username] %> + </p> + <p> + <label for="password" class="left" style="width:40%;">Password:</label> + <%= password_field_tag :password, params[:password] %> + </p> + </div> + <p> + <%= submit_tag "Login" %> + <%= link_to 'NewUser', :action => "new", :controller => :login %> + </p> + <% end %> + </fieldset> +</div> app/views/login/login.html.erb b872fdc0794e35873244ad6b87e4bc080bd5b1b3 Payal Gupta cool.payal1985@gmail.com http://github.com/payalgupta/todo-list/commit/0619471b221332da38decda84383086bd4677c88 0619471b221332da38decda84383086bd4677c88 2008-07-17T23:00:47-07:00 2008-07-17T23:00:47-07:00 Login/Logout Functionality 8f41fa0353397bc5e20a0b8f51cbfc59a9eac07a Payal Gupta cool.payal1985@gmail.com