Class | SessionsController |
In: |
app/controllers/sessions_controller.rb
|
Parent: | ApplicationController |
File: | sessions_controller.rb |
(C): | Hipposoft 2008, 2009 |
Purpose: | Manage OpenID logins. Originally created from examples in the open_id_authentication plugin. |
06-Jan-2008 (ADH): Created.
Called when the sign in form is submitted or when the OpenID plug-in has completed a sign-in attempt, successfully or otherwise.
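# File app/controllers/sessions_controller.rb, line 19
#
# Handle a submitted sign-in form, or the return leg of an OpenID sign-in.
#
# params[:openid_url] selects one of three paths:
# * not nil but empty - the form was submitted blank, so report a failure.
# * not nil and not empty - the form supplied an ID, so run authentication.
# * nil - per the original author's note, the OpenID plug-in is calling
#   back with the result of a sign-in attempt; run authentication again
#   without reading the JavaScript detection field.
#
# Any StandardError raised on the way is logged server-side and reported
# to the visitor with a generic message. This action is reachable before
# authentication, so the exception text (which may carry internal detail)
# is deliberately not echoed back to the client.
def create
  identity_url = params[:openid_url]

  if !identity_url.nil? && identity_url.empty?
    failed_login('You must provide an ID.')
  else
    identity_url = User.rationalise_id(identity_url)

    # NOTE(review): params[:javascript] is client-supplied and is stored
    # as-is; confirm that whatever reads session[:javascript] treats it as
    # untrusted input.
    session[:javascript] = params[:javascript] unless identity_url.nil?

    open_id_authentication
  end
rescue => error
  # inspect() keeps embedded newlines in the message from forging log lines.
  logger.error("SessionsController#create failed: #{error.class}: #{error.message.inspect}") if logger
  failed_login('An unexpected error was encountered. Please contact your system administrator for assistance.')
end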
Sign out - may be called by a normal user or if a user decides to cancel during the sign-up process.
# File app/controllers/sessions_controller.rb, line 44
#
# Sign out. Also serves as the "cancel" path of an unfinished sign-up:
# when the current user has no name (nil or empty), the user record itself
# is destroyed and the visitor is told the sign-in process was aborted.
#
# NOTE(review): this action deletes a database row based only on the name
# being blank. The route's HTTP verb and any request-forgery protection are
# not visible here - confirm that this action cannot be triggered by a
# cross-site GET.
def destroy
  departing = @current_user
  named = departing && !departing.name.nil? && !departing.name.empty?

  # Clear the session before writing the flash so the message is kept in
  # the fresh session.
  reset_session

  if named
    flash[:notice] = 'You have signed out.'
  else
    departing.destroy if departing
    flash[:error] = 'Sign in process aborted.'
  end

  redirect_to(signin_path)
end
# File app/controllers/sessions_controller.rb, line 61
#
# Run the OpenID exchange through authenticate_with_open_id and act on the
# outcome:
# * attempt failed - report result.message via failed_login.
# * an active user has this identity URL - sign in complete.
# * an inactive user has this identity URL - refuse with a "deactivated"
#   message.
# * no users exist at all - create the first account with type 'Admin'
#   for this identity and continue via new_login.
# * otherwise - refuse; unknown identities are not admitted once any user
#   exists.
#
# NOTE(review): identity_url and result.message originate outside this
# application and are placed into the text handed to failed_login; confirm
# that the view HTML-escapes that text when it is displayed.
def open_id_authentication
  authenticate_with_open_id do |result, claimed_url|
    identity_url = User.rationalise_id(claimed_url)

    # The OpenID login attempt failed.
    next failed_login(result.message) unless result.successful?

    if (@current_user = User.active.find_by_identity_url(identity_url))
      successful_login
    elsif User.inactive.find_by_identity_url(identity_url)
      failed_login("The account for OpenID '#{ identity_url }' has been deactivated. Please contact your system administrator for assistance.")
    elsif User.count.zero?
      # Very first login: auto-create the admin account. Done here because
      # redirecting to the User controller would require an exposed URL
      # that could be used to try and create users without OpenID
      # authentication.
      #
      # NOTE(review): on an empty users table, whichever identity completes
      # an OpenID sign-in first becomes Admin, and the count check and
      # save! are separate steps as written here. Confirm that the initial
      # sign-in happens before the service is exposed, and whether a
      # uniqueness constraint or lock elsewhere covers concurrent first
      # sign-ins.
      @current_user = User.new
      @current_user.assign_defaults(nil, identity_url, 'Admin')
      @current_user.save!

      new_login
    else
      # The identity URL does not match any existing user and the
      # administrator account already exists.
      failed_login("Sorry, OpenID '#{ identity_url }' is not permitted to use this service. Please contact your system administrator for assistance.")
    end
  end
end