Class SessionsController
In: app/controllers/sessions_controller.rb
Parent: ApplicationController

This controller handles the login/logout function of the site.

Methods

Public Instance methods


    # File app/controllers/sessions_controller.rb, line 9
      # Handles the login form submission: authenticates the submitted
      # email/password pair and either signs the user in and redirects, or
      # records the failure and shows the login form again.
      #
      # NOTE(review): params[:password] is handled in clear text here; confirm
      # that parameter filtering keeps it out of the request log.
      def create
        logout_keeping_session!
        account = User.authenticate(params[:email], params[:password])

        unless account
          note_failed_signin
          # Keep the submitted values so the re-rendered form can be prefilled.
          @email = params[:email]
          @remember_me = params[:remember_me]
          return render(:action => 'new')
        end

        # SECURITY: reset_session is left disabled below. Calling it once the
        # credentials have been accepted issues a fresh session and so protects
        # against session fixation. The trade-off: a form rendered before login
        # and resubmitted with the back button then fails request forgery
        # protection.
        # NOTE(review): logout_keeping_session! is not shown here; confirm
        # whether it already rotates the session identifier. If it does not,
        # the pre-login session identifier stays valid after authentication.
        # Anything stored in the session before login would be dropped by
        # reset_session - verify what redirect_back_or_default relies on before
        # enabling it.
        # reset_session
        self.current_user = account
        handle_remember_cookie!(params[:remember_me] == "1")
        redirect_back_or_default('/')
        flash[:notice] = "Logged in successfully"
      end


    # File app/controllers/sessions_controller.rb, line 30
      # Logs the user out: ends the session via logout_killing_session!, sets a
      # confirmation notice and redirects.
      #
      # NOTE(review): the route for this action is not shown here; confirm it
      # only accepts a non-GET verb so that logout is covered by request
      # forgery protection.
      def destroy
        logout_killing_session!
        # The notice is assigned after the session has been killed.
        flash[:notice] = "You have been logged out."
        redirect_back_or_default '/'
      end

Renders new.rhtml, the login form.


   # File app/controllers/sessions_controller.rb, line 6
     # Shows the login form. The body is intentionally empty: the action only
     # exists so that the new.rhtml template is rendered.
     def new; end

Protected Instance methods

Track failed login attempts


    # File app/controllers/sessions_controller.rb, line 38
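        # Records a failed sign-in: sets flash[:error] for the re-rendered form
        # and writes a warning to the application log.
        #
        # The attempted identifier is read from params[:email], the parameter
        # the create action passes to User.authenticate. params[:login] is not
        # a key create reads, so using it left the message and the log line
        # without the attempted identifier.
        #
        # This method only records the failure; it does no throttling or
        # lockout.
        def note_failed_signin
          attempted = params[:email].to_s
          # NOTE(review): the flash text embeds user-supplied input; the view
          # that prints flash[:error] is not shown here - confirm it
          # HTML-escapes the value.
          flash[:error] = "Couldn't log you in as '#{attempted}'"
          # Replace control characters (CR/LF included) so a crafted value
          # cannot split the entry across lines or forge extra log records.
          loggable = attempted.gsub(/[[:cntrl:]]/, ' ')
          logger.warn "Failed login for '#{loggable}' from #{request.remote_ip} at #{Time.now.utc}"
        end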
