Added remember_me feature to login page.

app/assets/javascripts/app/views/login.jst.eco

@@ -11,6 +11,11 @@
             <input name="username" type="text" class="input span3" placeholder="Username or email" value="<%= @item.username %>" autocapitalize="off"/>
             <input name="password" type="password" class="input span3" placeholder="Password"/>
             <button class="btn btn-primary" type="submit">Sign in</button>
+            <div>
+              <span class="small"><input name="remember_me" value="1" type="checkbox"/> Remember me</span>
+              <span class="small">&middot;</span>
+              <a href="#resend_password" class="small">Forgot password?</a>
+            </div>
           </form>
         </div>
       </div>

app/assets/stylesheets/zzz.css

@@ -13,6 +13,15 @@ body {
   background-image: url("../assets/glyphicons-halflings.png");
 }
 
+/*
+ * 
+ */
+.hero-unit .small {
+  font-size: 12px;
+  line-height: 20px;
+  color: #999999;
+}
+
 /*
  * removed margin of forms to not break the layout with submit buttons within <form></form> area e. g. for modal dialogs
  */

app/controllers/sessions_controller.rb

@@ -5,8 +5,7 @@ class SessionsController < ApplicationController
 
   # "Create" a login, aka "log the user in"
   def create
-    logger.debug 'session create'
+
-#    logger.debug params.inspect
     user = User.authenticate( params[:username], params[:password] )
 
     # auth failed
@@ -15,32 +14,34 @@ class SessionsController < ApplicationController
       return
     end
     
+    user = User.find_fulldata(user.id)
+    
     # do not show password
     user['password'] = ''
     
-    user['roles']         = user.roles.select('id, name').where(:active => true)      
-    user['groups']        = user.groups.select('id, name').where(:active => true)      
-    user['organization']  = user.organization     
-    user['organizations'] = user.organizations.select('id, name').where(:active => true)      
-    
     # auto population of default collections
     default_collection = default_collections()
     
     # set session user_id
-    session[:user_id] = user.id
+    session[:user_id] = user['id']
 
     # check logon session
     logon_session_key = nil
     if params['logon_session']
       logon_session_key = Digest::MD5.hexdigest( rand(999999).to_s + Time.new.to_s )
-      ActiveRecord::SessionStore::Session.create(
+      session = ActiveRecord::SessionStore::Session.create(
         :session_id => logon_session_key,
         :data => {
-          :user_id => user.id
+          :user_id => user['id']
         }
       )
     end
 
+    # remember me - set session cookie to expire later
+    if params[:remember_me]
+      request.env['rack.session.options'][:expire_after] = 1.year.from_now
+    end
+
     # return new session data
     render :json => {
       :session             => user,
@@ -92,10 +93,14 @@ class SessionsController < ApplicationController
 
   # "Delete" a login, aka "log the user out"
   def destroy
-    
+
     # Remove the user id from the session
     @_current_user = session[:user_id] = nil
 
+    # reset session cookie (set :expire_after to '' in case remember_me is active)
+    request.env['rack.session.options'][:expire_after] = ''
+    request.env['rack.session.options'][:renew] = true
+
     render :json => { }
   end
     

app/models/user.rb

@@ -14,6 +14,10 @@ class User < ApplicationModel
 
   def self.authenticate( username, password )
     
+    # do not authenticate with nothing
+    return if !username
+    return if !password
+    
     # try to find user based on login
     user = User.where( :login => username, :active => true ).first