Contents

module Protected
  class SessionsController < Devise::SessionsController
    before_filter :first_login?, :except => [:destroy, :first_login, :update_first_login]
    skip_before_filter :authenticate_user!, :only => [:not_authorized, :new, :create]

    helper 'protected/application'

    def first_login
      redirect_to root_url unless current_user
    end

    def update_first_login
      current_user.update_on_first_login!(params[:user])
      if current_user.errors.any?
        render :action => :first_login
      else
        sign_out_all_scopes
        flash[:notice] = "Your password has been changed, please log in again."
        redirect_to new_user_session_url
      end
    rescue PasswordAlreadyUsedException => e
      current_user.errors.add(:password, e.message)
      render :action => :first_login
    rescue ActiveRecord::RecordInvalid => f
      render :action => :first_login
    end

    protected
    def first_login?
      if current_user.present? && (current_user.first_login? || params[:wants_first_login] == '1')
        params.delete(:wants_first_login)
        redirect_to first_login_url and return true
      end
    end

    def after_sign_in_path_for(resource_or_scope)
      if(current_user.is_admin?)
        admin_users_url
      else
        stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version	Path
protected-1.0.4	app/controllers/protected/sessions_controller.rb
protected-1.0.3	app/controllers/protected/sessions_controller.rb
protected-1.0.2	app/controllers/protected/sessions_controller.rb
protected-1.0.1	app/controllers/protected/sessions_controller.rb
protected-1.0.0	app/controllers/protected/sessions_controller.rb