trabajo-afectivo/app/controllers/sessions_controller.rb

134 lines
3.4 KiB
Ruby
Raw Normal View History

2012-04-10 14:06:46 +00:00
class SessionsController < ApplicationController
# def create
# render :text => request.env['rack.auth'].inspect
# end
# "Create" a login, aka "log the user in"
def create
2012-10-18 08:10:12 +00:00
# authenticate user
2012-04-11 06:37:54 +00:00
user = User.authenticate( params[:username], params[:password] )
2012-04-10 14:06:46 +00:00
2012-04-11 06:37:54 +00:00
# auth failed
if !user
render :json => { :error => 'login failed' }, :status => :unprocessable_entity
return
2012-04-10 14:06:46 +00:00
end
2012-10-18 08:10:12 +00:00
2012-04-11 06:37:54 +00:00
# auto population of default collections
2012-10-23 20:25:42 +00:00
default_collection = SessionHelper::default_collections(user)
2012-11-12 09:34:22 +00:00
# remember me - set session cookie to expire later
reset_session
if params[:remember_me]
request.env['rack.session.options'][:expire_after] = 1.year.from_now
else
request.env['rack.session.options'][:expire_after] = nil
end
2012-04-11 06:37:54 +00:00
# set session user_id
2012-11-12 09:34:22 +00:00
user = User.find_fulldata(user.id)
session[:user_id] = user['id']
# check logon session
logon_session_key = nil
if params['logon_session']
logon_session_key = Digest::MD5.hexdigest( rand(999999).to_s + Time.new.to_s )
session = ActiveRecord::SessionStore::Session.create(
:session_id => logon_session_key,
:data => {
:user_id => user['id']
}
)
end
2012-04-11 06:37:54 +00:00
# return new session data
render :json => {
:session => user,
:default_collections => default_collection,
:logon_session => logon_session_key,
},
:status => :created
2012-04-10 14:06:46 +00:00
end
def show
user_id = nil
2012-04-11 06:37:54 +00:00
# no valid sessions
if session[:user_id]
user_id = session[:user_id]
end
# check logon session
if params['logon_session']
session = ActiveRecord::SessionStore::Session.where( :session_id => params['logon_session'] ).first
if session
user_id = session.data[:user_id]
end
end
if !user_id
2012-04-11 06:37:54 +00:00
render :json => {
:error => 'no valid session',
:config => config_frontend,
2012-04-10 19:57:33 +00:00
}
2012-04-11 06:37:54 +00:00
return
end
2012-04-10 19:57:33 +00:00
2012-04-11 06:37:54 +00:00
# Save the user ID in the session so it can be used in
# subsequent requests
2012-07-29 18:55:51 +00:00
user = User.user_data_full( user_id )
2012-04-10 19:57:33 +00:00
2012-04-11 06:37:54 +00:00
# auto population of default collections
2012-11-12 09:34:22 +00:00
default_collection = SessionHelper::default_collections( User.find(user_id) )
2012-04-10 19:57:33 +00:00
2012-04-11 06:37:54 +00:00
# return current session
render :json => {
:session => user,
:default_collections => default_collection,
:config => config_frontend,
}
2012-04-10 14:06:46 +00:00
end
# "Delete" a login, aka "log the user out"
def destroy
2012-04-10 14:06:46 +00:00
# Remove the user id from the session
@_current_user = session[:user_id] = nil
2012-04-11 06:37:54 +00:00
# reset session cookie (set :expire_after to '' in case remember_me is active)
request.env['rack.session.options'][:expire_after] = -1.year.from_now
request.env['rack.session.options'][:renew] = true
2012-04-11 06:37:54 +00:00
render :json => { }
2012-04-10 14:06:46 +00:00
end
2012-04-10 14:06:46 +00:00
def create_omniauth
auth = request.env['omniauth.auth']
if !auth
logger.info("AUTH IS NULL, SERVICE NOT LINKED TO ACCOUNT")
2012-04-18 08:33:42 +00:00
# redirect to app
redirect_to '/app'
2012-04-10 14:06:46 +00:00
end
2012-04-18 08:33:42 +00:00
# Create a new user or add an auth to existing user, depending on
# whether there is already a user signed in.
authorization = Authorization.find_from_hash(auth)
if !authorization
2012-04-18 08:33:42 +00:00
authorization = Authorization.create_from_hash(auth, current_user)
2012-04-10 14:06:46 +00:00
end
2012-04-18 08:33:42 +00:00
2012-10-18 08:10:12 +00:00
# remember last login date
2013-02-12 22:49:52 +00:00
authorization.user.update_last_login
2012-10-18 08:10:12 +00:00
2012-04-10 14:06:46 +00:00
# Log the authorizing user in.
2012-04-18 08:33:42 +00:00
session[:user_id] = authorization.user.id
2012-04-10 14:06:46 +00:00
# redirect to app
redirect_to '/app'
2012-04-10 14:06:46 +00:00
end
2012-10-18 08:10:12 +00:00
2012-04-10 14:06:46 +00:00
end