Sha256: 9b8a6bd298ccfd8c70601a6e1ee1c9648988702582fad0cc573ad38d03a037b8
Contents?: true
Size: 1.47 KB
Versions: 6
Compression:
Stored size: 1.47 KB
Contents
class SessionsController < ApplicationController
skip_before_action :authenticate, only: %i[ new create ]
<%- if options.lockable? -%>
before_action :require_lock, attempts: 20, only: :create
<%- end -%>
before_action :set_session, only: :destroy
def index
@sessions = Current.user.sessions.order(created_at: :desc)
end
def new
@user = User.new
end
def create
user = User.find_by(email: params[:email])
if user && user.authenticate(params[:password])
<%- if two_factor? -%>
if user.otp_secret
signed_id = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)
redirect_to new_two_factor_authentication_challenge_path(token: signed_id)
else
@session = user.sessions.create!
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
redirect_to root_path, notice: "Signed in successfully"
end
<%- else -%>
@session = user.sessions.create!
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
redirect_to root_path, notice: "Signed in successfully"
<%- end -%>
else
redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
end
end
def destroy
@session.destroy; redirect_to(sessions_path, notice: "That session has been logged out")
end
private
def set_session
@session = Current.user.sessions.find(params[:id])
end
end
Version data entries
6 entries across 6 versions & 1 rubygems