foodsoft/app/controllers/sessions_controller.rb

25 lines
647 B
Ruby

class SessionsController < ApplicationController
skip_before_filter :authenticate
layout 'login'
def new
end
def create
user = User.authenticate(params[:nick], params[:password])
if user
session[:user_id] = user.id
session[:scope] = FoodsoftConfig.scope # Save scope in session to not allow switching between foodcoops with one account
redirect_to session['return_to'] || root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
def destroy
session[:user_id] = nil
redirect_to login_url, :notice => "Logged out!"
end
end