1# This controller handles the login/logout function of the site.
2class SessionsController < ApplicationController
3 # Be sure to include AuthenticationSystem in Application Controller instead
4 include AuthenticatedSystem
5
6 # render new.rhtml
7 def new
8 end
9
10 def create
11 self.current_user = User.authenticate(params[:login], params[:password])
12 if logged_in?
13 if params[:remember_me] == "1"
14 self.current_user.remember_me
15 cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
16 end
17 redirect_back_or_default('/')
18 flash[:notice] = "Logged in successfully"
19 else
20 render :action => 'new'
21 end
22 end
23
24 def destroy
25 self.current_user.forget_me if logged_in?
26 cookies.delete :auth_token
27 reset_session
28 flash[:notice] = "You have been logged out."
29 redirect_back_or_default('/')
30 end
31end