Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

added some more support for a single login

  • Loading branch information...
commit a86c05a646a322281ce40aed2eb869e3071b21c7 1 parent 88e69a5
@timriley authored
View
5 app/controllers/admin/admin_controller.rb
@@ -0,0 +1,5 @@
+class Admin::AdminController < ApplicationController
+ include SingleLogin
+
+ before_filter :login_required
+end
View
19 app/controllers/admin/logins_controller.rb
@@ -1,4 +1,21 @@
-class LoginsController < ApplicationController
+class Admin::LoginsController < ApplicationController
+ def new
+ end
+ def create
+ if Settings.instance.crypted_password?(params[:password])
+ session[:logged_in] == true
+ redirect_back_or_default('/')
+ flash[:notice] = "Logged in successfully"
+ else
+ flash[:error] = 'Incorrect password'
+ render :action => 'new'
+ end
+ end
+ def destroy
+ reset_session
+ flash[:notice] = 'Logged out'
+ redirect_back_or_default('/')
+ end
end
View
64 lib/single_login.rb
@@ -0,0 +1,64 @@
+module SingleLogin
+ protected
+
+ # Returns true or false if the user is logged in.
+ # Preloads @current_user with the user model if they're logged in.
+ def logged_in?
+ !!session[:logged_in]
+ end
+
+ # Filter method to enforce a login requirement.
+ #
+ # To require logins for all actions, use this in your controllers:
+ #
+ # before_filter :login_required
+ #
+ # To require logins for specific actions, use this in your controllers:
+ #
+ # before_filter :login_required, :only => [ :edit, :update ]
+ #
+ # To skip this in a subclassed controller:
+ #
+ # skip_before_filter :login_required
+ #
+ def login_required
+ logged_in? || access_denied
+ end
+
+ # Redirect as appropriate when an access request fails.
+ #
+ # The default action is to redirect to the login screen.
+ #
+ # Override this method in your controllers if you want to have special
+ # behavior in case the user is not authorized
+ # to access the requested action. For example, a popup window might
+ # simply close itself.
+ def access_denied
+ respond_to do |format|
+ format.html do
+ store_location
+ redirect_to new_admin_login_path
+ end
+ end
+ end
+
+ # Store the URI of the current request in the session.
+ #
+ # We can return to this location by calling #redirect_back_or_default.
+ def store_location
+ session[:return_to] = request.request_uri
+ end
+
+ # Redirect to the URI stored by the most recent store_location call or
+ # to the passed default.
+ def redirect_back_or_default(default)
+ redirect_to(session[:return_to] || default)
+ session[:return_to] = nil
+ end
+
+ # Inclusion hook to make #current_user and #logged_in?
+ # available as ActionView helper methods.
+ def self.included(base)
+ base.send :helper_method, :logged_in?
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.