Sha256: a7815205886bbbf7a6dd42f86035a0042e7d2114263cf8fefd2f226c27c1fa57

Contents?: true

Size: 1.35 KB

Versions: 2

Compression:

Stored size: 1.35 KB

Contents

class SessionsController < ApplicationController
  layout "sign_in"
  skip_before_action :login_required, only: [:new, :create]
  before_action :set_user

  def create
    if session_params[:name] != "admin" # NOTE: The only application user is "admin"; any other user name is invalid for now.
      flash.now[:notice] = I18n.t("messages.login_failed")
      return render :new
    end

    unless @user.authenticate(session_params[:password])
      flash.now[:notice] = I18n.t("messages.login_failed")
      return render :new
    end
    sign_in @user
    if session_params[:password] == Settings.default_password
      flash[:warning] = t('terms.changeme_password')
    end
    redirect_to root_path
  end

  def destroy
    session.delete :succeed_password
    redirect_to new_sessions_path
  end

  private

  def set_user
    @user = User.new(name: "admin")
  end

  def session_params
    params.require(:session).permit(:name, :password)
  end

  def sign_in(user)
    # NOTE: The cookie is encrypted by Rails, but storing the raw password in the session is bad practice.
    #       If we use a DB in the future, change this to store a token with an expiry limit (not the password).
    #
    #       Currently, the password is stored in the session only if the default password is used.
    session[:succeed_password] = session_params[:password] if session_params[:password] == Settings.default_password
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
fluentd-ui-0.1.1 app/controllers/sessions_controller.rb
fluentd-ui-0.1.0 app/controllers/sessions_controller.rb