self.current_user.remember_me
cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
end
- redirect_back_or_default(:controller => '/account', :action => 'index')
+ redirect_back_or_default(:controller => '/site', :action => 'index')
flash[:notice] = "Logged in successfully"
end
end
return unless request.post?
@user.save!
self.current_user = @user
- redirect_back_or_default(:controller => '/account', :action => 'index')
+ redirect_back_or_default(:controller => '/site', :action => 'index')
flash[:notice] = "Thanks for signing up!"
rescue ActiveRecord::RecordInvalid
render :action => 'signup'
cookies.delete :auth_token
reset_session
flash[:notice] = "You have been logged out."
- redirect_back_or_default(:controller => '/account', :action => 'index')
+ redirect_back_or_default(:controller => '/site', :action => 'index')
end
end
def index
@quickvotes = QuickVote.find(:all, ["quickvote = 1"]).sort {|a,b| b.enddate <=> a.enddate}[0..1]
# if the person claims they are logged in
- if session[:user]
-
+
+ if logged_in?
# check to see that we actually have record of them
- if User.find(:all, ["id = ?", session[:user].id]).length == 1
+ if User.exists?(session[:user])
+ username = User.find(session[:user]).login
# if we have record of them, grab the list of their elections
session[:user] = User.find(session[:user])
@current_elections = session[:user].elections.sort do |a,b|
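Review bot: The new `if logged_in?` guard is keyed on `session[:user_id]`, but the body still looks up and reassigns `session[:user]`, so the two keys can disagree about which account the request belongs to. The `login_as` test helper in this commit sets only `session[:user_id]`, and the else branch further down in `index` clears only `session[:user]`, leaving `session[:user_id]` in place. Since `logged_in?` has already loaded the record, `@current_elections = current_user.elections.sort do |a,b|` would make the `User.exists?`/`User.find` pair unnecessary. The `username` local, unused in the visible lines, could then be dropped. The body of `index` continues past this hunk.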
end
else
# if we have no record of them, set the session id back to
- # nothing and start again
+ # nothing and start again
session[:user] = nil
+
end
end
end
# Virtual attribute for the unencrypted password
attr_accessor :password
-
+ attr_accessor :current_user
+
validates_presence_of :login, :email
validates_presence_of :password, :if => :password_required?
validates_presence_of :password_confirmation, :if => :password_required?
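Review bot: `attr_accessor :current_user` on the User model is not read or written anywhere in the visible changes, and the session helpers in this commit define their own `current_user` and `current_user=`. If the accessor is not needed it should be dropped; if it is, it needs a comment like the one above `:password`, for example `# Virtual attribute: <purpose>`. Unless the model restricts mass assignment (not visible in this hunk), the attribute would also be settable from the signup parameters.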
# Returns true or false if the user is logged in.
# Preloads @current_user with the user model if they're logged in.
def logged_in?
- current_user != :false
+ (@current_user ||= session[:user_id] ? User.find_by_id(session[:user_id]) : :false).is_a?(User)
end
# Accesses the current user from the session.
def current_user
- @current_user ||= (session[:user] && User.find_by_id(session[:user])) || :false
+ @current_user if logged_in?
end
# Store the given user in the session.
def current_user=(new_user)
- session[:user] = (new_user.nil? || new_user.is_a?(Symbol)) ? nil : new_user.id
+ session[:user] = new_user
+ session[:user_id] = new_user.nil? ? nil : new_user.id
@current_user = new_user
end
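Review bot: `session[:user] = new_user` in `current_user=` places the whole User record in the session rather than just its id. Depending on the session store (not visible here), that serializes the record's attributes, and after signup possibly the unencrypted `password` virtual attribute, into session storage or a client-held cookie, and the copy goes stale when the row changes. `logged_in?` reloads from `session[:user_id]`, so the id alone is sufficient and the `session[:user]` assignment can be dropped. The removed line also mapped a Symbol to nil, while `logged_in?` still uses the `:false` sentinel; `session[:user_id] = new_user.is_a?(User) ? new_user.id : nil` restores that guard.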
module AuthenticatedTestHelper
# Sets the current user in the session from the user fixtures.
def login_as(user)
- @request.session[:user] = user ? users(user).id : nil
+ @request.session[:user_id] = user ? users(user).id : nil
end
def content_type(type)
def test_should_fail_login_and_not_redirect
post :login, :login => 'quentin', :password => 'bad password'
- assert_nil session[:user]
- assert_response :success
+ assert_nil session[:user]
+ assert_nil session[:user_id]
+ assert_response :success
end
def test_should_allow_signup
assert_difference User, :count do
- create_user
- assert_response :redirect
+ create_user
+ assert_response :redirect
end
end
def test_should_require_login_on_signup
assert_no_difference User, :count do
- create_user(:login => nil)
- assert assigns(:user).errors.on(:login)
- assert_response :success
+ create_user(:login => nil)
+ assert assigns(:user).errors.on(:login)
+ assert_response :success
end
end
login_as :quentin
get :logout
assert_nil session[:user]
+ assert_nil session[:user_id]
assert_response :redirect
end