forked from thiyagarajan/BBYIDX
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sessions_controller.rb
107 lines (90 loc) · 3.12 KB
/
sessions_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
require 'ostruct'
# This controller handles login/logout functionality.
class SessionsController < ApplicationController
include AuthenticatedSystem
include TwitterHelper
def new
@body_class = 'login'
end
def new_twitter
redirect_to twitter_auth_request_url(create_twitter_session_url)
end
# No need face new_facebook here, because login initiation happens client-side via FB's Javascript API.
def create
user = User.find_by_login(params[:email], params[:password])
if user
self.current_user = user
if params[:remember_me] == "1"
current_user.remember_me unless current_user.remember_token?
cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
end
response_for_successful_login
else
flash.now[:error] = render_to_string :partial => 'login_failed'
render :action => 'new'
end
end
def create_twitter
credentials = verify_twitter_authorization
unless credentials.blank?
if user = User.find_by_twitter_handle(credentials.screen_name)
self.current_user = user
# Credentials can change if user deauthorizes us, then reauthorizes
user.twitter_token = twitter_oauth.access_token.token
user.twitter_secret = twitter_oauth.access_token.secret
user.save!
response_for_successful_login
else
redirect_to new_user_path(
:user => {
:name => credentials.name,
:twitter_handle => credentials.screen_name,
:twitter_token => twitter_oauth.access_token.token,
:twitter_secret => twitter_oauth.access_token.secret })
end
else
flash.now[:info] = "Twitter login canceled."
redirect_to login_path
end
end
def create_facebook
if current_facebook_user
user = User.find_by_facebook_uid(current_facebook_user.id)
if user
self.current_user = user
user.facebook_access_token = current_facebook_client.access_token
user.save!
response_for_successful_login
else
# current_facebook_user only contains the uid, because it comes straight from the cookie.
# To get the user's name & email, we need to talk to the FB servers.
full_facebook_user = Mogli::User.find("me", current_facebook_client)
redirect_to new_user_path(
:user => {
:name => full_facebook_user.name,
:email => full_facebook_user.email,
:facebook_name => full_facebook_user.name },
:facebook_create => true)
end
else
redirect_to login_path
end
end
def destroy
self.current_user.forget_me if logged_in?
cookies.delete :auth_token
reset_session
flash[:info] = "You are now logged out. Thanks for using #{SHORT_SITE_NAME}!"
redirect_back_or_default root_path
end
private
def response_for_successful_login
redirect_back_or_default do
if current_user.active?
redirect_to root_path
else
render :action => 'inactive'
end
end
end
end