So, now you can log in to the system and you'll be redirected back to…

… where you were trying to go
joshe · Aug 14, 2011 · ac439d6 · ac439d6
1 parent c09bb4f
commit ac439d6
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 10 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -48,7 +48,7 @@ GEM
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     mime-types (1.16)
-    mysql2 (0.2.7)
+    mysql2 (0.2.11)
     polyglot (0.3.1)
     rack (1.2.3)
     rack-mount (0.6.14)

diff --git a/app/controllers/access_controller.rb b/app/controllers/access_controller.rb
@@ -1,12 +1,14 @@
 class AccessController < ApplicationController
 
+  before_filter :confirm_logged_in, :except => [:login, :attempt_login, :logout]
+
   def index
     menu
     render 'menu' 
   end
 
   def new
-	@user = User.new
+	  @user = User.new
   end
 
   def create
@@ -28,19 +30,23 @@ def login
   end
 
   def attempt_login
-    authorized_user = User.authenticate(params[:username], params[:password])
+    @incomingController = params[:controller]
+    @incomingAction = params[:action]
+
+    authorized_user = User.authenticate(params[:email], params[:password])
     if authorized_user
-      # TODO: mark user as logged in
+      session[:user_id] = authorized_user.id
-      flash[:message] = "You are now logged in."
+      session[:email] = authorized_user.email
-      redirect_to :action => 'menu'
+      redirect_back(:action => 'index')
     else
       flash[:message] = "Invalid username/password combination"
       redirect_to :action => 'login'
     end
   end
 
   def logout
-    # TODO: mark user as logged out
+    session[:user_id] = nil
+    session[:email] = nil
     flash[:message] = "You have been logged out."
     redirect_to :action => "login"
   end

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,3 +1,33 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
+
+  # redirect somewhere that will eventually return back to here
+  def redirect_away(*params)
+    session[:original_uri] = request.request_uri
+    redirect_to(*params)
+  end
+
+  # returns the person to either the original url from a redirect_away or to a default url
+  def redirect_back(*params)
+    uri = session[:original_uri]
+    session[:original_uri] = nil
+    if uri
+      redirect_to uri
+    else
+      redirect_to(*params)
+    end
+  end
+
+  protected 
+
+  def confirm_logged_in
+     unless session[:user_id]
+       flash[:message] = "Please log in."
+       redirect_away(:controller => "access", :action => "login")
+       return false # halts the before_filter
+     else
+       return true
+     end
+   end
+
 end
diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb
@@ -1,7 +1,10 @@
 class EventsController < ApplicationController
 
+  before_filter :confirm_logged_in
+
   def index
     @events = Event.all
+    session[:return_to] ||= request.referer
   end
 
   def new

diff --git a/app/views/access/login.html.haml b/app/views/access/login.html.haml
@@ -4,8 +4,8 @@
   = form_tag :action => "attempt_login" do
     %table
       %tr
-        %td= label_tag(:username)
+        %td= label_tag(:email)
-        %td= text_field_tag(:username)
+        %td= text_field_tag(:email)
       %tr
         %td= label_tag(:password)
         %td= password_field_tag(:password)

diff --git a/app/views/access/menu.html.haml b/app/views/access/menu.html.haml
@@ -2,6 +2,7 @@
 
 .menu
   %h2 Admin menu
+  .username= "Logged in as #{session[:email]}"
   %ul.identity
     %li= link_to "Manage events", events_path
     %li= link_to "Manage users", "#"

diff --git a/app/views/layouts/_header.html.haml b/app/views/layouts/_header.html.haml
@@ -1 +1,3 @@
-%h1 Header
+%h1 Header
+- unless session[:user_id].nil?
+  = link_to 'Logout', :controller => "access", :action => "logout"