Contents

class SessionsController < ApplicationController
  skip_before_action :authenticate, only: :create

  <%- if options.lockable? -%>
  before_action :require_lock, attempts: 20, only: :create
  <%- end -%>
  before_action :set_session, only: %i[ show destroy ]

  def index
    render json: Current.user.sessions.order(created_at: :desc)
  end

  def show
    render json: @session
  end

  def create
    user = User.find_by(email: params[:email])

    if user && user.authenticate(params[:password])
      @session = user.sessions.create!
      response.set_header "X-Session-Token", @session.signed_id

      render json: @session, status: :created
    else
      render json: { error: "That email or password is incorrect" }, status: :unauthorized
    end
  end

  def destroy
    @session.destroy
  end

  private
    def set_session
      @session = Current.user.sessions.find(params[:id])
    end
end

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
authentication-zero-2.16.11	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.10	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.9	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.8	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.7	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.6	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.5	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
authentication-zero-2.16.4	lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt