account_controller.rb
3.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
class AccountController < PublicController
before_filter :load_default_environment
design :holder => 'environment'
# say something nice, you goof! something sweet.
def index
unless logged_in?
render :action => 'index_anonymous'
end
end
# action to perform login to the application
def login
@user = User.new
return unless request.post?
self.current_user = User.authenticate(params[:login], params[:password])
if logged_in?
if params[:remember_me] == "1"
self.current_user.remember_me
cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
end
go_to_user_initial_page
flash[:notice] = _("Logged in successfully")
else
flash[:notice] = _('Incorrect username or password')
end
end
# action to register an user to the application
def signup
begin
@user = User.new(params[:user])
@user.terms_of_use = environment.terms_of_use
@terms_of_use = environment.terms_of_use
if request.post?
@user.save!
@user.person.environment = environment
@user.person.save!
self.current_user = @user
owner_role = Role.find_by_name('owner')
@user.person.affiliate(@user.person, [owner_role]) if owner_role
go_to_user_initial_page
flash[:notice] = _("Thanks for signing up!")
end
rescue ActiveRecord::RecordInvalid
render :action => 'signup'
end
end
# action to perform logout from the application
def logout
self.current_user.forget_me if logged_in?
cookies.delete :auth_token
reset_session
flash[:notice] = _("You have been logged out.")
redirect_back_or_default(:controller => 'account', :action => 'index')
end
def change_password
if request.post?
@user = current_user
begin
@user.change_password!(params[:current_password],
params[:new_password],
params[:new_password_confirmation])
flash[:notice] = _('Your password has been changed successfully!')
redirect_to :action => 'index'
rescue User::IncorrectPassword => e
flash[:notice] = _('The supplied current password is incorrect.')
render :action => 'change_password'
end
else
render :action => 'change_password'
end
end
# The user requests a password change. She forgot her old password.
#
# Posts back.
def forgot_password
@change_password = ChangePassword.new(params[:change_password])
if request.post?
begin
@change_password.save!
render :action => 'password_recovery_sent'
rescue ActiveRecord::RecordInvalid => e
nil # just pass and render at the end of the action
end
end
end
# The user has a code for a ChangePassword request object.
#
# Posts back.
def new_password
@change_password = ChangePassword.find_by_code(params[:code])
unless @change_password
render :action => 'invalid_change_password_code', :status => 403
return
end
if request.post?
begin
@change_password.update_attributes!(params[:change_password])
@change_password.finish
render :action => 'new_password_ok'
rescue ActiveRecord::RecordInvalid => e
nil # just render new_password
end
end
end
protected
before_filter :load_profile_for_user
def load_profile_for_user
return unless logged_in?
@profile = current_user.person
end
def load_default_environment
@environment = Environment.default
end
def go_to_user_initial_page
redirect_back_or_default(:controller => "content_viewer", :profile => current_user.login, :action => 'view_page', :page => [])
end
end