Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 82 lines (67 sloc) 2.478 kb
2b64c6d @sj26 Make all controllers inherit from a single DeviseController
sj26 authored
1 class Devise::SessionsController < DeviseController
868d3d8 @carlosantoniodasilva Do a final pass removing spaces around square brackets
carlosantoniodasilva authored
2 prepend_before_filter :require_no_authentication, only: [:new, :create]
dc1b399 @justanshulsharma Updated ruby 1.9 hash syntax
justanshulsharma authored
3 prepend_before_filter :allow_params_authentication!, only: :create
571dead @laurocaetano Check if there is a signed in user before sign out.
laurocaetano authored
4 prepend_before_filter :verify_signed_out_user, only: :destroy
868d3d8 @carlosantoniodasilva Do a final pass removing spaces around square brackets
carlosantoniodasilva authored
5 prepend_before_filter only: [:create, :destroy] { request.env["devise.skip_timeout"] = true }
dede8af @josevalim Do not include Devise internal helpers in application controller.
josevalim authored
6
b21b629 @carlosantoniodasilva Better documentation.
carlosantoniodasilva authored
7 # GET /resource/sign_in
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
8 def new
8a93c34 @josevalim Clean up Devise parameter sanitizer
josevalim authored
9 self.resource = resource_class.new(sign_in_params)
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
10 clean_up_passwords(resource)
3902e07 @mtarnovan Yield the resource in SessionsController#new
mtarnovan authored
11 yield resource if block_given?
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
12 respond_with(resource, serialize_options(resource))
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
13 end
14
b21b629 @carlosantoniodasilva Better documentation.
carlosantoniodasilva authored
15 # POST /resource/sign_in
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
16 def create
564e588 @adammcnamara Assigns object to self.resource, changing variable scope.
adammcnamara authored
17 self.resource = warden.authenticate!(auth_options)
c87809a @ssendev Separate redirects and flash messages in navigational_formats and fla…
ssendev authored
18 set_flash_message(:notice, :signed_in) if is_flashing_format?
e8e3df3 @sikachu Add support for non-navigational format response to SessionsController
sikachu authored
19 sign_in(resource_name, resource)
9890711 @edelpero Adds yield around resource on devise controllers
edelpero authored
20 yield resource if block_given?
dc1b399 @justanshulsharma Updated ruby 1.9 hash syntax
justanshulsharma authored
21 respond_with resource, location: after_sign_in_path_for(resource)
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
22 end
23
15b76e9 @josevalim The default here is now DELETE.
josevalim authored
24 # DELETE /resource/sign_out
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
25 def destroy
65f08ea Removing signed_out path workaround
Rodrigo Flores authored
26 signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
c87809a @ssendev Separate redirects and flash messages in navigational_formats and fla…
ssendev authored
27 set_flash_message :notice, :signed_out if signed_out && is_flashing_format?
1eab594 @lucasmazza `SessionsController#destroy` no longer yields the resource object.
lucasmazza authored
28 yield if block_given?
571dead @laurocaetano Check if there is a signed in user before sign out.
laurocaetano authored
29 respond_to_on_destroy
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting i…
carlosantoniodasilva authored
30 end
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
31
32 protected
33
8a93c34 @josevalim Clean up Devise parameter sanitizer
josevalim authored
34 def sign_in_params
4e318b5 @josevalim Simplify parameter sanitization proposal
josevalim authored
35 devise_parameter_sanitizer.sanitize(:sign_in)
8a93c34 @josevalim Clean up Devise parameter sanitizer
josevalim authored
36 end
37
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
38 def serialize_options(resource)
3cedba1 @ches Fix optional enforcement of particular authentication keys
ches authored
39 methods = resource_class.authentication_keys.dup
40 methods = methods.keys if methods.is_a?(Hash)
41 methods << :password if resource.respond_to?(:password)
dc1b399 @justanshulsharma Updated ruby 1.9 hash syntax
justanshulsharma authored
42 { methods: methods, only: [:password] }
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
43 end
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
44
45 def auth_options
dc1b399 @justanshulsharma Updated ruby 1.9 hash syntax
justanshulsharma authored
46 { scope: resource_name, recall: "#{controller_path}#new" }
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
47 end
571dead @laurocaetano Check if there is a signed in user before sign out.
laurocaetano authored
48
c2fb80d @rosenfeld Use Devise translations when inheriting from core controllers
rosenfeld authored
49 def translation_scope
50 'devise.sessions'
51 end
52
571dead @laurocaetano Check if there is a signed in user before sign out.
laurocaetano authored
53 private
54
55 # Check if there is no signed in user before doing the sign out.
56 #
57 # If there is no signed in user, it will set the flash message and redirect
58 # to the after_sign_out path.
59 def verify_signed_out_user
60 if all_signed_out?
61 set_flash_message :notice, :already_signed_out if is_flashing_format?
62
63 respond_to_on_destroy
64 end
65 end
66
67 def all_signed_out?
68 users = Devise.mappings.keys.map { |s| warden.user(scope: s, run_callbacks: false) }
69
70 users.all?(&:blank?)
71 end
72
73 def respond_to_on_destroy
74 # We actually need to hardcode this as Rails default responder doesn't
75 # support returning empty response on GET request
76 respond_to do |format|
77 format.all { head :no_content }
78 format.any(*navigational_formats) { redirect_to after_sign_out_path_for(resource_name) }
79 end
80 end
3cedba1 @ches Fix optional enforcement of particular authentication keys
ches authored
81 end
Something went wrong with that request. Please try again.