Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity
This repository has been archived on 2024-08-27. You can view files and clone it, but cannot push or open issues or pull requests.
badge
redstoner.com/app/controllers/sessions_controller.rb
jomo abeb405bab rescue and fail gracefully when updated user can't be saved 
saving the user can fail when the new ign or name are already assigned to a different user.
it's not worth implementing automatic correction because there can be multiple or even circular
'dependencies' of unique names that need to be changed
2016-12-14 23:57:08 +01:00

113 lines
3.4 KiB
Ruby
Raw Permalink Blame History

class SessionsController < ApplicationController
include UsersHelper
def new
if current_user
flash[:alert] = "You are already logged in!"
redirect_to current_user
else
if params[:return_path] && params[:return_path][0] == "/"
cookies[:return_path] = params[:return_path]
end
end
end
def create
unless current_user
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
if user.disabled?
flash[:alert] = "Your account has been disabled!"
elsif user.banned?
flash[:alert] = "You are banned!"
else
session[:user_id] = user.id
flash[:notice] = "Logged in!"
new_ign = fetch_name(user.uuid)
if new_ign.present? && new_ign != user.ign
user.name = new_ign if user.ign == user.name
user.ign = new_ign
if (user.save rescue false)
flash[:notice] += " Your name has been changed to #{new_ign}!"
else
flash[:alert] = "Failed to save your new username #{new_ign}! Please contact admins."
end
end
flash[:alert] = "Remember to validate your email! Your account may be deleted soon!" if !user.confirmed?
end
else
flash[:alert] = "You're doing it wrong!"
render action: 'new'
return
end
else
flash[:alert] = "You are already logged in!"
end
if cookies[:return_path]
begin
# might be invalid path
URI.parse(cookies[:return_path])
redirect_to cookies[:return_path]
rescue URI::Error
flash[:alert] = "Invalid return path!"
redirect_to blogposts_path
end
cookies.delete(:return_path)
else
redirect_to blogposts_path
end
end
def destroy
if original_user = User.find_by_id(session[:original_user_id])
logout_user = current_user
session[:user_id] = original_user.try(:id)
session.delete(:original_user_id)
puts "User #{original_user} reverted from #{logout_user}!"
flash[:notice] = "You are no longer '#{logout_user.name}'!"
redirect_to original_user
else
session.delete(:user_id)
redirect_to login_path, :notice => "Logged out!"
end
end
def become
original_user = current_user
new_user = User.find_by_id(params[:user])
if original_user && new_user && admin? && current_user.role >= new_user.role
if original_user == new_user
flash[:alert] = "You are already '#{new_user.name}'!"
else
if session[:original_user_id]
flash[:alert] = "Please revert to your account first"
else
session[:original_user_id] = original_user.id
session[:user_id] = new_user.id
puts "User #{original_user} became #{new_user}!"
flash[:notice] = "You are now '#{new_user.name}'!"
end
end
else
flash[:alert] = "You are not allowed to become this user"
end
redirect_to new_user
end
def revert
if old_user = current_user
original_user = User.find_by_id(session[:original_user_id])
if original_user && original_user.try(:admin?)
session.delete(:original_user_id)
session[:user_id] = original_user.try(:id)
flash[:notice] = "You are no longer '#{old_user.name}'!"
end
redirect_to old_user
else
redirect_to login_path
end
end
end
Reference in New Issue View Git Blame Copy Permalink