authentasaurus 0.4.1
- data/MIT-LICENSE +20 -0
- data/README.rdoc +173 -0
- data/TODO +4 -0
- data/app/controllers/areas_controller.rb +4 -0
- data/app/controllers/groups_controller.rb +4 -0
- data/app/controllers/permissions_controller.rb +4 -0
- data/app/controllers/recoveries_controller.rb +2 -0
- data/app/controllers/registrations_controller.rb +2 -0
- data/app/controllers/sessions_controller.rb +2 -0
- data/app/controllers/user_invitations_controller.rb +4 -0
- data/app/controllers/users_controller.rb +4 -0
- data/app/controllers/validations_controller.rb +2 -0
- data/app/models/area.rb +2 -0
- data/app/models/authentasaurus_emailer.rb +2 -0
- data/app/models/group.rb +2 -0
- data/app/models/permission.rb +2 -0
- data/app/models/recovery.rb +2 -0
- data/app/models/session.rb +2 -0
- data/app/models/user.rb +3 -0
- data/app/models/user_invitation.rb +2 -0
- data/app/models/user_sync.rb +3 -0
- data/app/models/validation.rb +2 -0
- data/app/views/areas/edit.html.erb +7 -0
- data/app/views/areas/index.html.erb +11 -0
- data/app/views/areas/new.html.erb +7 -0
- data/app/views/areas/show.html.erb +7 -0
- data/app/views/authentasaurus_emailer/invitation_mail.html.erb +4 -0
- data/app/views/authentasaurus_emailer/recovery_mail.html.erb +7 -0
- data/app/views/authentasaurus_emailer/validation_mail.html.erb +6 -0
- data/app/views/groups/edit.html.erb +7 -0
- data/app/views/groups/index.html.erb +11 -0
- data/app/views/groups/new.html.erb +7 -0
- data/app/views/groups/show.html.erb +7 -0
- data/app/views/permissions/edit.html.erb +19 -0
- data/app/views/permissions/index.html.erb +17 -0
- data/app/views/permissions/new.html.erb +19 -0
- data/app/views/permissions/show.html.erb +7 -0
- data/app/views/recoveries/edit.html.erb +24 -0
- data/app/views/recoveries/new.html.erb +15 -0
- data/app/views/registrations/new.html.erb +21 -0
- data/app/views/sessions/new.html.erb +41 -0
- data/app/views/sessions/no_access.html.erb +1 -0
- data/app/views/user_invitations/index.html.erb +14 -0
- data/app/views/user_invitations/new.html.erb +9 -0
- data/app/views/users/edit.html.erb +27 -0
- data/app/views/users/index.html.erb +19 -0
- data/app/views/users/new.html.erb +27 -0
- data/app/views/users/show.html.erb +11 -0
- data/app/views/validations/activate.html.erb +6 -0
- data/app/views/validations/resend_validation_email.html.erb +6 -0
- data/config/locales/en.yml +34 -0
- data/generators/authentasaurus/USAGE +2 -0
- data/generators/authentasaurus/authentasaurus_generator.rb +9 -0
- data/generators/authentasaurus/templates/authentasaurus_tasks.rake +48 -0
- data/generators/authentasaurus/templates/defaults.yml +51 -0
- data/generators/authentasaurus/templates/initializer.rb +3 -0
- data/generators/authentasaurus_views/USAGE +12 -0
- data/generators/authentasaurus_views/authentasaurus_views_generator.rb +87 -0
- data/generators/authentasaurus_views/templates/views/areas/edit.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/areas/index.html.erb +11 -0
- data/generators/authentasaurus_views/templates/views/areas/new.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/areas/show.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/authentasaurus_emailer/invitation_mail.html.erb +4 -0
- data/generators/authentasaurus_views/templates/views/authentasaurus_emailer/recovery_mail.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/authentasaurus_emailer/validation_mail.html.erb +6 -0
- data/generators/authentasaurus_views/templates/views/groups/edit.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/groups/index.html.erb +11 -0
- data/generators/authentasaurus_views/templates/views/groups/new.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/groups/show.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/permissions/edit.html.erb +19 -0
- data/generators/authentasaurus_views/templates/views/permissions/index.html.erb +17 -0
- data/generators/authentasaurus_views/templates/views/permissions/new.html.erb +19 -0
- data/generators/authentasaurus_views/templates/views/permissions/show.html.erb +7 -0
- data/generators/authentasaurus_views/templates/views/recoveries/edit.html.erb +24 -0
- data/generators/authentasaurus_views/templates/views/recoveries/new.html.erb +15 -0
- data/generators/authentasaurus_views/templates/views/registrations/new.html.erb +21 -0
- data/generators/authentasaurus_views/templates/views/sessions/new.html.erb +41 -0
- data/generators/authentasaurus_views/templates/views/sessions/no_access.html.erb +1 -0
- data/generators/authentasaurus_views/templates/views/user_invitations/index.html.erb +14 -0
- data/generators/authentasaurus_views/templates/views/user_invitations/new.html.erb +9 -0
- data/generators/authentasaurus_views/templates/views/users/edit.html.erb +27 -0
- data/generators/authentasaurus_views/templates/views/users/index.html.erb +19 -0
- data/generators/authentasaurus_views/templates/views/users/new.html.erb +27 -0
- data/generators/authentasaurus_views/templates/views/users/show.html.erb +11 -0
- data/generators/authentasaurus_views/templates/views/validations/activate.html.erb +6 -0
- data/generators/authentasaurus_views/templates/views/validations/resend_validation_email.html.erb +6 -0
- data/lib/action_controller/authorization.rb +215 -0
- data/lib/action_view/authorization.rb +123 -0
- data/lib/active_record/acts_as_authenticatable.rb +80 -0
- data/lib/active_record/acts_as_authenticatable_validatable.rb +32 -0
- data/lib/active_record/authenticatable.rb +56 -0
- data/lib/active_resource/acts_as_authenticatable.rb +42 -0
- data/lib/active_resource/authenticatable.rb +22 -0
- data/lib/authentasaurus.rb +21 -0
- data/lib/authentasaurus/areas_controller.rb +71 -0
- data/lib/authentasaurus/authentasaurus_controller.rb +2 -0
- data/lib/authentasaurus/groups_controller.rb +73 -0
- data/lib/authentasaurus/models/area.rb +8 -0
- data/lib/authentasaurus/models/authentasaurus_emailer.rb +31 -0
- data/lib/authentasaurus/models/group.rb +8 -0
- data/lib/authentasaurus/models/permission.rb +9 -0
- data/lib/authentasaurus/models/recovery.rb +23 -0
- data/lib/authentasaurus/models/session.rb +63 -0
- data/lib/authentasaurus/models/user_invitation.rb +21 -0
- data/lib/authentasaurus/models/validation.rb +18 -0
- data/lib/authentasaurus/permissions_controller.rb +71 -0
- data/lib/authentasaurus/recoveries_controller.rb +59 -0
- data/lib/authentasaurus/registrations_controller.rb +32 -0
- data/lib/authentasaurus/sessions_controller.rb +45 -0
- data/lib/authentasaurus/user_invitations_controller.rb +39 -0
- data/lib/authentasaurus/users_controller.rb +71 -0
- data/lib/authentasaurus/validations_controller.rb +34 -0
- data/lib/helpers/migrations.rb +171 -0
- data/lib/helpers/routing.rb +90 -0
- data/rails/init.rb +37 -0
- metadata +188 -0
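--- a/data/lib/authentasaurus/groups_controller.rb
+++ b/data/lib/authentasaurus/groups_controller.rb
@@ -0,0 +1,73 @@
+class Authentasaurus::GroupsController < Authentasaurus::AuthentasaurusController
+
+def index
+@groups = Group.find :all
+
+respond_to do |format|
+format.html
+end
+end
+
+def show
+@group = Group.find params[:id]
+
+respond_to do |format|
+format.html
+end
+end
+
+def new
+@group = Group.new
+
+respond_to do |format|
+format.html
+end
+end
+
+def create
+@group = Group.new params[:group]
+
+respond_to do |format|
+if @group.save
+flash.now[:notice] = "Group created"
+format.html { redirect_to :action=>:index }
+else
+flash.now[:notice] = "Error creating group"
+format.html { render :new }
+end
+end
+end
+
+def edit
+@group = Group.find params[:id]
+
+respond_to do |format|
+format.html
+end
+end
+
+def update
+@group = Group.find params[:id]
+
+respond_to do |format|
+if @group.update_attributes(params[:group])
+flash.now[:notice] = "Group updated"
+format.html { redirect_to @group }
+else
+flash.now[:notice] = "Error updating group"
+format.html { render :edit }
+end
+end
+
+end
+
+def destroy
+@group = Group.find params[:id]
+@group.destroy
+
+respond_to do |format|
+format.html { redirect_to :action=>:index }
+end
+end
+
+end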
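Review bot: `create` and `update` hand `params[:group]` straight to `Group.new` and `update_attributes`, and no filter in this class limits who may reach its actions, so unless the base controller or the `Group` model (neither shown in this section) restricts access and assignable attributes, group records can be created, rewritten or deleted by any caller. If the restriction is meant to live in the application subclass, say so in a class comment such as `# Access control is not applied here; the including application must restrict these actions.`; the same applies to `Authentasaurus::PermissionsController` further down. Separately, the `flash.now[:notice]` assignments that precede `redirect_to` in `create` and `update` are discarded by the redirect and should be `flash[:notice]`.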
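--- a/data/lib/authentasaurus/models/authentasaurus_emailer.rb
+++ b/data/lib/authentasaurus/models/authentasaurus_emailer.rb
@@ -0,0 +1,31 @@
+class Authentasaurus::Models::AuthentasaurusEmailer < ActionMailer::Base
+def validation_mail(name, email, validation_code, sent_at = Time.now)
+subject AUTHENTASAURUS[:modules][:validatable][:mail_subject]
+recipients email
+from AUTHENTASAURUS[:modules][:validatable][:mail_from]
+sent_on sent_at
+
+body :name => name, :vcode => validation_code
+content_type "text/html"
+end
+
+def recovery_mail(user, token, sent_at = Time.now)
+subject AUTHENTASAURUS[:modules][:recoverable][:mail_subject]
+recipients user.email
+from AUTHENTASAURUS[:modules][:recoverable][:mail_from] # dont forget to change me
+sent_on sent_at
+
+body :name => user.name, :token => token
+content_type "text/html"
+end
+
+def invitation_mail(email, token, sent_at = Time.now)
+subject AUTHENTASAURUS[:modules][:invitable][:mail_subject]
+recipients email
+from AUTHENTASAURUS[:modules][:invitable][:mail_from]
+sent_on sent_at
+
+body :token => token
+content_type "text/html"
+end
+end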
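Review bot: All three mails are sent as `text/html`, and `validation_mail` and `recovery_mail` pass the account's `name` into the template body, so the templates (not shown in this section) have to HTML-escape it, for example with `h`; otherwise a user-chosen name is rendered as markup in mail sent from the application's address. The three methods repeat the same sequence of calls and could share one private helper that takes the module key and the body hash. The trailing `# dont forget to change me` on the `from` line of `recovery_mail` looks stale now that the address is read from configuration and could be dropped.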
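--- a/data/lib/authentasaurus/models/recovery.rb
+++ b/data/lib/authentasaurus/models/recovery.rb
@@ -0,0 +1,23 @@
+class Authentasaurus::Models::Recovery < ActiveRecord::Base
+require "digest/sha1"
+belongs_to :user
+
+before_validation_on_create :make_token!
+before_save :send_recovery
+
+named_scope :valid, lambda { { :conditions => ["updated_at <= ?", AUTHENTASAURUS[:modules][:recoverable][:token_expires_after].days.from_now] } }
+
+validates_uniqueness_of :user_id
+validates_presence_of :email
+validates_presence_of :user_id, :message => :"recovery.user_id.blank"
+validates_format_of :email, :with => %r{[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}}
+
+
+def make_token!
+self.token = Digest::SHA1.hexdigest "#{Time.now.to_i} #{rand} #{self.email}"
+end
+
+def send_recovery
+AuthentasaurusEmailer.deliver_recovery_mail(self.user, self.token) if AUTHENTASAURUS[:modules][:recoverable][:send_email]
+end
+end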
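Review bot: The `valid` scope compares `updated_at <= ?` against `token_expires_after.days.from_now`, a condition every existing row satisfies, so recovery tokens never expire; it should read `["updated_at >= ?", AUTHENTASAURUS[:modules][:recoverable][:token_expires_after].days.ago]`. `make_token!` hashes the clock, `rand` and the e-mail address, none of which is a cryptographic source of randomness; for a password-reset secret use `self.token = SecureRandom.hex(20)` with `require "securerandom"`. The pattern given to `validates_format_of` is unanchored, so any string that merely contains an address passes; wrap it in `\A` and `\z`. Because `send_recovery` hangs on `before_save`, every later save of the row sends the mail again, which is worth a comment if intended.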
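--- a/data/lib/authentasaurus/models/session.rb
+++ b/data/lib/authentasaurus/models/session.rb
@@ -0,0 +1,63 @@
+# This class represents a session model, a session authenticates a username and a password.
+#
+# A session behaves just like an ActiveRecord model
+class Authentasaurus::Models::Session
+attr_accessor :username, :password, :remember
+attr_accessor :errors
+attr_reader :user
+
+# Takes a hash of attributes keys and values just like ActiveRecord models
+def initialize(attributes = nil)
+self.errors = ActiveRecord::Errors.new(self)
+if attributes
+attributes.each do |key,value|
+send(key.to_s + '=', value)
+end
+else
+self.remember = false
+end
+end
+
+# Authenticates the information saved in the attributes
+# Returns true or false
+def save(*session_types)
+session_types = session_types.flatten
+
+if session_types.empty?
+session_types = [:user]
+end
+
+ret = true
+session_types.each do |type|
+@user = type.to_s.camelize.constantize.authenticate(self.username, self.password)
+if @user.nil?
+self.errors.add_to_base I18n.t(:invalid_login, :scope => [:authentasaurus, :messages, :sessions])
+ret &= false
+else
+@user.create_remember_me_token if self.remember == "1"
+ret = true
+break
+end
+end
+ret
+end
+
+# Takes a hash of attributes keys and values just like new and authenticates the information.
+# Returns true or false
+def self.create(*attrs)
+attributes = attrs.extract_options!
+attrs = attrs.flatten
+self_obj = self.new attributes
+self_obj.save(attrs)
+return self_obj
+end
+
+def new_record? #:nodoc:
+true
+end
+
+# Takes an id (usually from an ActiveController session) and returns a User object
+def self.current_user(id, session_type = :user)
+session_type.to_s.camelize.constantize.find id
+end
+end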
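Review bot: `initialize` calls `send(key.to_s + '=', value)` for every key of the attributes hash, and `SessionsController#create` further down this page passes it `params[:session]`, so request parameters decide which writer method runs, including `errors=` and any private one, because `send` ignores visibility. Restrict the assignment to the three form fields, e.g. `send("#{key}=", value) if %w[username password remember].include?(key.to_s)`. In `save`, `ret &= false` followed by `ret = true` on the first success makes the accumulator redundant, and one `invalid_login` error is added per failed type even when a later type succeeds; a comment stating the intended result for several session types would help. The doc comment on `self.create` says it returns true or false, but the method returns the session object.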
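--- a/data/lib/authentasaurus/models/user_invitation.rb
+++ b/data/lib/authentasaurus/models/user_invitation.rb
@@ -0,0 +1,21 @@
+class Authentasaurus::Models::UserInvitation < ActiveRecord::Base
+require 'digest/sha1'
+validates_presence_of :email
+validates_uniqueness_of :email, :scope => :token
+validates_format_of :email, :with => %r{[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}}
+
+before_validation :create_token
+#send email
+after_create :send_invitation
+
+def send_invitation
+AuthentasaurusEmailer.deliver_invitation_mail(self.email, self.token) if AUTHENTASAURUS[:modules][:invitable][:send_email]
+end
+
+private
+def create_token
+return if self.email.nil? || self.email.blank?
+string_to_hash=self.email + "invitable.olation" + self.email.hash.to_s
+self.token = Digest::SHA1.hexdigest(string_to_hash)
+end
+end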
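Review bot: `create_token` derives the token only from the e-mail address and the fixed string `"invitable.olation"` (`String#hash` contributes no secret), so the invitation token is not an unguessable value, and `validates_uniqueness_of :email, :scope => :token` reduces to plain e-mail uniqueness. Generate the token independently of the address, e.g. `self.token ||= SecureRandom.hex(20)` with `require 'securerandom'`, so it is also not recomputed on every validation. The `validates_format_of` pattern is unanchored and accepts any string that contains an address; anchor it with `\A` and `\z`.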
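--- a/data/lib/authentasaurus/models/validation.rb
+++ b/data/lib/authentasaurus/models/validation.rb
@@ -0,0 +1,18 @@
+class Authentasaurus::Models::Validation < ActiveRecord::Base
+belongs_to :user, :polymorphic => true
+
+# Check that everything is there
+validates_presence_of :user_id, :validation_code, :user_type, :email
+# Check foreign keys
+validates_associated :user
+# Check unique user
+validates_uniqueness_of :user_id, :scope => [:user_type, :email]
+validates_uniqueness_of :validation_code
+
+#send email
+after_create :send_validation
+
+def send_validation
+AuthentasaurusEmailer.deliver_validation_mail(self.user.name, self.email, self.validation_code) if AUTHENTASAURUS[:modules][:validatable][:send_email]
+end
+end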
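Review bot: `validates_associated :user`, under the comment `# Check foreign keys`, only runs the validations of a user that is present; it does not verify that `user_id` and `user_type` point at an existing record, so `send_validation` can raise on `self.user.name` inside `after_create` when the association resolves to nil. Add `validates_presence_of :user` or guard the callback with `return if user.nil?`, and reword the comment to match. Nothing in this file assigns `validation_code`, so a one-line comment naming where it is generated would let a reader judge how guessable the activation code is.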
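--- a/data/lib/authentasaurus/permissions_controller.rb
+++ b/data/lib/authentasaurus/permissions_controller.rb
@@ -0,0 +1,71 @@
+class Authentasaurus::PermissionsController < Authentasaurus::AuthentasaurusController
+
+def index
+@permissions = Permission.find :all
+
+respond_to do |format|
+format.html
+end
+end
+
+def show
+@permission = Permission.find params[:id]
+
+respond_to do |format|
+format.html
+end
+end
+
+def new
+@permission = Permission.new
+
+respond_to do |format|
+format.html
+end
+end
+
+def create
+@permission = Permission.new params[:permission]
+
+respond_to do |format|
+if @permission.save
+flash.now[:notice] = "Permission created"
+format.html { redirect_to :action=>:index }
+else
+flash.now[:notice] = "Error creating permission"
+format.html { render :new }
+end
+end
+end
+
+def edit
+@permission = Permission.find params[:id]
+
+respond_to do |format|
+format.html
+end
+end
+
+def update
+@permission = Permission.find params[:id]
+
+respond_to do |format|
+if @permission.update_attributes(params[:permission])
+flash.now[:notice] = "Permission updated"
+format.html { redirect_to @permission }
+else
+flash.now[:notice] = "Error updating permission"
+format.html { render :edit }
+end
+end
+end
+
+def destroy
+@permssion = Permission.find params[:id]
+@permission.destroy()
+
+respond_to do |format|
+format.html { redirect_to :action=>:index }
+end
+end
+end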
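Review bot: `destroy` stores the record in `@permssion` (misspelled) and then calls `@permission.destroy()`, so `@permission` is nil and the action raises `NoMethodError` instead of deleting anything; the first line should be `@permission = Permission.find params[:id]`. The `flash.now[:notice]` assignments before `redirect_to` in `create` and `update` are lost on the redirect and should be `flash[:notice]`. Because these records decide who may read or write an area, the class should carry a comment stating where access to it is enforced, since nothing in this file does so.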
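--- a/data/lib/authentasaurus/recoveries_controller.rb
+++ b/data/lib/authentasaurus/recoveries_controller.rb
@@ -0,0 +1,59 @@
+class Authentasaurus::RecoveriesController < Authentasaurus::AuthentasaurusController
+def new
+@recovery = Recovery.new
+
+respond_to do |format|
+format.html
+end
+end
+
+def create
+@recovery = Recovery.find_or_initialize_by_email :email => params[:recovery][:email]
+
+if @recovery.new_record?
+@recovery.user = User.find_by_email @recovery.email
+end
+
+respond_to do |format|
+if @recovery.save
+@recovery.touch
+format.html { redirect_to new_session_path, :notice => t(:recovery_email_sent, :scope => [:authentasaurus, :messages, :recoveries], :email => @recovery.email) }
+else
+format.html {render :new}
+end
+end
+end
+
+def edit
+@recovery = Recovery.valid.find_by_token(params[:token])
+
+respond_to do |format|
+unless @recovery.nil?
+@user = @recovery.user
+format.html
+else
+format.html { redirect_to new_session_path, :alert => t(:recovery_failed, :scope => [:authentasaurus, :messages, :recoveries], :email => params[:email]) }
+end
+end
+end
+
+def destroy
+@recovery = Recovery.find_by_token params[:token]
+@user = @recovery.user
+
+respond_to do |format|
+empty_fields = params[:user].select { |key, value| value.blank? }
+if !empty_fields.empty?
+empty_fields.each do |f|
+@user.errors.add_to_base t(:recovery_field_blank, :scope => [:authentasaurus, :messages, :recoveries], :field => f.first.humanize)
+end
+format.html { render :edit }
+elsif @user.update_attributes params[:user]
+@recovery.destroy
+format.html { redirect_to new_session_path, :notice => t(:recovery_successful, :scope => [:authentasaurus, :messages, :recoveries], :email => params[:email]) }
+else
+format.html { render :edit, :alert => t(:recovery_failed, :scope => [:authentasaurus, :messages, :recoveries], :email => params[:email]) }
+end
+end
+end
+end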
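Review bot: `destroy` looks the token up with `Recovery.find_by_token params[:token]`, bypassing the `valid` scope that `edit` uses and never checking for nil, so an expired token is still honoured and an unknown one raises on `@recovery.user`. Use `@recovery = Recovery.valid.find_by_token params[:token]` and return early with the same `:alert` redirect as `edit` when it is nil. The action then hands all of `params[:user]` to `@user.update_attributes`; a reset should copy only the password fields the edit form submits, and `params[:user]` needs a nil check before `.select`. In `create`, an unknown address fails validation and re-renders the form while a known one redirects with a notice, which tells the caller which e-mails have accounts; answering identically in both cases avoids that.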
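--- a/data/lib/authentasaurus/registrations_controller.rb
+++ b/data/lib/authentasaurus/registrations_controller.rb
@@ -0,0 +1,32 @@
+class Authentasaurus::RegistrationsController < Authentasaurus::AuthentasaurusController
+def new
+@user = User.new
+@user_invitation = UserInvitation.find_by_token params[:token]
+
+respond_to do |format|
+if @user_invitation.nil?
+format.html {redirect_to new_session_path, :alert => t(:invalid_invitation_token, :scope => [:authentasaurus, :messages, :user_invitations])}
+else
+@user.email = @user_invitation.email
+format.html
+end
+end
+end
+
+def create
+@user = User.new params[:user]
+user_invitation = UserInvitation.find_by_token params[:token]
+
+respond_to do |format|
+unless user_invitation.nil?
+if @user.save
+format.html {redirect_to new_session_path}
+else
+format.html {render :new}
+end
+else
+format.html {render :new, :alert => t(:invalid_invitation_token, :scope => [:authentasaurus, :messages, :user_invitations])}
+end
+end
+end
+end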
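Review bot: `create` only checks that an invitation with `params[:token]` exists; it neither ties the new account to the invited address nor consumes the invitation, so a single token keeps working for further registrations under any e-mail. Set `@user.email = user_invitation.email` before `@user.save` and call `user_invitation.destroy` once the save succeeds. Both `render :new` branches in `create` run without `@user_invitation`, which `new` assigns for the template, so the view may fail there; assigning the instance variable in `create` too, or redirecting as `new` does for an invalid token, would keep the two actions consistent.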
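--- a/data/lib/authentasaurus/sessions_controller.rb
+++ b/data/lib/authentasaurus/sessions_controller.rb
@@ -0,0 +1,45 @@
+class Authentasaurus::SessionsController < Authentasaurus::AuthentasaurusController
+before_filter :check_is_logged_in, :except => :destroy
+
+def new
+@session = Session.new
+
+respond_to do |format|
+format.html
+end
+end
+
+def create
+@session = Session.new params[:session]
+
+respond_to do |format|
+if @session.save
+if @session.remember == "1"
+cookies.signed.permanent[:remember_me_token] = @session.user.remember_me_token
+end
+session[:user_id] = @session.user.id
+session[:user_permissions] = {:read => @session.user.permissions.collect{|per| per.area.name if per.read}, :write => @session.user.permissions.collect{|per| per.area.name if per.write}}
+format.html { redirect_to session[:original_url] || root_url }
+else
+format.html { render :action => :new }
+end
+end
+
+end
+
+def destroy
+session[:user_id] = nil
+session[:user_permissions] = nil
+cookies.delete :remember_me_token
+
+respond_to do |format|
+format.html { redirect_to :action => :new }
+end
+end
+
+private
+def check_is_logged_in
+redirect_to root_path if session[:user_id]
+end
+
+end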
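Review bot: `create` writes `session[:user_id]` into the session the visitor already held, without calling `reset_session` first, so a session identifier issued before login stays valid after it; keep `session[:original_url]` in a local, call `reset_session`, then set the keys. `destroy` likewise only nils two keys and deletes the cookie; calling `reset_session` and clearing the remember-me token stored on the user would end the login on the server side as well. `session[:user_permissions]` is a snapshot taken at login, and the `collect { ... if ... }` form leaves `nil` entries in both arrays, so later permission changes do not apply until the next login; either document that next to the assignment or read permissions from the database when checking them.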