Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 51 lines (42 sloc) 1.641 kb
2b64c6d @sj26 Make all controllers inherit from a single DeviseController
sj26 authored
1 class Devise::SessionsController < DeviseController
a5ba2ac @carlosantoniodasilva Use prepend_before_filter in require_no_authentication.
carlosantoniodasilva authored
2 prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
ab9d856 @josevalim Add a deprecation warning for previous controller authorization style.
josevalim authored
3 prepend_before_filter :allow_params_authentication!, :only => :create
41a9118 @josevalim Do not trigger timeout on sign in related actions
josevalim authored
4 prepend_before_filter { request.env["devise.skip_timeout"] = true }
dede8af @josevalim Do not include Devise internal helpers in application controller.
josevalim authored
5
b21b629 @carlosantoniodasilva Better documentation.
carlosantoniodasilva authored
6 # GET /resource/sign_in
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
7 def new
885d883 @davout Ability to use `attr_protected` attributes as sign-in keys without trigg...
davout authored
8 resource = build_resource(nil, :unsafe => true)
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
9 clean_up_passwords(resource)
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
10 respond_with(resource, serialize_options(resource))
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
11 end
12
b21b629 @carlosantoniodasilva Better documentation.
carlosantoniodasilva authored
13 # POST /resource/sign_in
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
14 def create
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
15 resource = warden.authenticate!(auth_options)
e8e3df3 @sikachu Add support for non-navigational format response to SessionsController
sikachu authored
16 set_flash_message(:notice, :signed_in) if is_navigational_format?
17 sign_in(resource_name, resource)
bba6562 @josevalim after_sign_in_path_for now redirects to session[scope_return_to] if any ...
josevalim authored
18 respond_with resource, :location => after_sign_in_path_for(resource)
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
19 end
20
15b76e9 @josevalim The default here is now DELETE.
josevalim authored
21 # DELETE /resource/sign_out
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
22 def destroy
9ea7249 @hinrik Allow specifying a resource_return_to for sign out
hinrik authored
23 redirect_path = after_sign_out_path_for(resource_name)
65f08ea Removing signed_out path workaround
Rodrigo Flores authored
24 signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
25 set_flash_message :notice, :signed_out if signed_out
0487e9e @sikachu Add support for `destory_user_session_path` in another non-navigational ...
sikachu authored
26
1e37e42 @josevalim Do not use stored location for sign out.
josevalim authored
27 # We actually need to hardcode this as Rails default responder doesn't
0487e9e @sikachu Add support for `destory_user_session_path` in another non-navigational ...
sikachu authored
28 # support returning empty response on GET request
29 respond_to do |format|
9ea7249 @hinrik Allow specifying a resource_return_to for sign out
hinrik authored
30 format.any(*navigational_formats) { redirect_to redirect_path }
5b94d9b @josevalim Refactor a bit navigational format responses, to not call to_sym and reu...
josevalim authored
31 format.all do
6664acd @julianvargasalvarez Use 'head :no_content' in sessions_controller#destroy
julianvargasalvarez authored
32 head :no_content
5b94d9b @josevalim Refactor a bit navigational format responses, to not call to_sym and reu...
josevalim authored
33 end
0487e9e @sikachu Add support for `destory_user_session_path` in another non-navigational ...
sikachu authored
34 end
7ce49cb @carlosantoniodasilva Configuring session and password controllers as engine, and getting inte...
carlosantoniodasilva authored
35 end
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
36
37 protected
38
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
39 def serialize_options(resource)
3cedba1 @ches Fix optional enforcement of particular authentication keys
ches authored
40 methods = resource_class.authentication_keys.dup
41 methods = methods.keys if methods.is_a?(Hash)
42 methods << :password if resource.respond_to?(:password)
43 { :methods => methods, :only => [:password] }
4a4dcb3 @josevalim sessions/new also responds to xml and json now
josevalim authored
44 end
83c4755 @josevalim Extract auth_options into its own method.
josevalim authored
45
46 def auth_options
47 { :scope => resource_name, :recall => "#{controller_path}#new" }
48 end
3cedba1 @ches Fix optional enforcement of particular authentication keys
ches authored
49 end
50
Something went wrong with that request. Please try again.