Sha256: 739e2a441652e26f6d094236f7392ad6533a3c0e41e92fd93a4854276cae31fa
Contents?: true
Size: 1.37 KB
Versions: 5
Compression:
Stored size: 1.37 KB
Contents
class SessionsController < ApplicationController
skip_before_action :authenticate, only: %i[ new create ]
before_action :set_session, only: :destroy
def index
@sessions = Current.user.sessions.order(created_at: :desc)
end
def new
@user = User.new
end
def create
user = User.find_by(email: params[:email])
if user && user.authenticate(params[:password])
<%- if two_factor? -%>
if user.otp_secret
signed_id = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)
redirect_to new_two_factor_authentication_challenge_path(token: signed_id)
else
@session = user.sessions.create!
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
redirect_to root_path, notice: "Signed in successfully"
end
<%- else -%>
@session = user.sessions.create!
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
redirect_to root_path, notice: "Signed in successfully"
<%- end -%>
else
redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
end
end
def destroy
@session.destroy; redirect_to(sessions_path, notice: "That session has been logged out")
end
private
def set_session
@session = Current.user.sessions.find(params[:id])
end
end
Version data entries
5 entries across 5 versions & 1 rubygems