Sha256: 5e64f61d373090eb39339eec633294f30ebf8c577a6b1ab2dd30421b1fbb5782

Contents?: true

Size: 1.38 KB

Versions: 2

Compression:

Stored size: 1.38 KB

Contents

# Sign-in, sign-out and session listing for browser (HTML) clients.
#
# This file is a generator template: the `<%- ... -%>` lines are evaluated when
# the generator runs and pick which sign-in body ends up in the generated
# controller, depending on `two_factor?`.
class SessionsController < ApplicationController
  # The sign-in form and its submission skip the :authenticate callback
  # (defined outside this file), so both are reachable without a session.
  skip_before_action :authenticate, only: [:new, :create]

  before_action :set_session, only: :destroy

  # Lists the current user's sessions, newest first.
  def index
    @sessions = Current.user.sessions.order(created_at: :desc)
  end

  # Renders the sign-in form with a blank User.
  def new
    @user = User.new
  end

  # Verifies the submitted email/password pair and starts a session.
  #
  # Unknown email and wrong password share one redirect and one alert text, so
  # the response body does not reveal which of the two failed.
  #
  # NOTE(review): `authenticate` only runs when a user row was found, so the
  # two failure cases may differ in response time if password checking is slow
  # (presumably has_secure_password -- confirm). `User.authenticate_by`
  # (Rails 7.1+) is the constant-work alternative where available.
  # NOTE(review): no attempt throttling is visible in this action; confirm it
  # is enforced elsewhere.
  def create
    user = User.find_by(email: params[:email])

    unless user&.authenticate(params[:password])
      # The submitted email is echoed back as a URL parameter to prefill the
      # form, so it can show up in access logs and browser history.
      redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
      return
    end

    # The cookie written below is signed (tamper-evident, not encrypted),
    # httponly and `permanent` (long-lived). No `secure:` or `same_site:`
    # option is passed here, so those come from application-wide settings --
    # confirm HTTPS-only cookies are enforced there.
    <%- if two_factor? -%>
    if user.otp_secret.present?
      # Password alone is not enough: no session is created yet. A signed id
      # bound to the :authentication_challenge purpose and valid for 20 minutes
      # is handed to the challenge page as a URL token.
      challenge_token = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)
      redirect_to new_two_factor_authentication_challenge_path(token: challenge_token)
    else
      @session = user.sessions.create!
      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }

      redirect_to root_path, notice: "Signed in successfully"
    end
    <%- else -%>
    @session = user.sessions.create!
    cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }

    redirect_to root_path, notice: "Signed in successfully"
    <%- end -%>
  end

  # Revokes one session record (loaded by set_session) and returns to the
  # session list.
  def destroy
    @session.destroy
    redirect_to sessions_path, notice: "That session has been logged out"
  end

  private
    # The lookup goes through Current.user.sessions, so an id belonging to
    # another user's session is not found (`find` raises) instead of being
    # loaded for destruction.
    def set_session
      @session = Current.user.sessions.find(params[:id])
    end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
authentication-zero-2.16.17 lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
authentication-zero-2.16.16 lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt