Sha256: 5e64f61d373090eb39339eec633294f30ebf8c577a6b1ab2dd30421b1fbb5782
Contents?: true
Size: 1.38 KB
Versions: 2
Compression:
Stored size: 1.38 KB
Contents
class SessionsController < ApplicationController skip_before_action :authenticate, only: %i[ new create ] before_action :set_session, only: :destroy def index @sessions = Current.user.sessions.order(created_at: :desc) end def new @user = User.new end def create user = User.find_by(email: params[:email]) if user && user.authenticate(params[:password]) <%- if two_factor? -%> if user.otp_secret.present? signed_id = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes) redirect_to new_two_factor_authentication_challenge_path(token: signed_id) else @session = user.sessions.create! cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true } redirect_to root_path, notice: "Signed in successfully" end <%- else -%> @session = user.sessions.create! cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true } redirect_to root_path, notice: "Signed in successfully" <%- end -%> else redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect" end end def destroy @session.destroy; redirect_to(sessions_path, notice: "That session has been logged out") end private def set_session @session = Current.user.sessions.find(params[:id]) end end
Version data entries
2 entries across 2 versions & 1 rubygems