module Fiona7 class SessionsController < ActionController::Base before_filter :load_login_page def create login, password = params[:login], params[:password] if valid_credentials?(login, password) rsession.user_name = login redirect_to true_root_path else flash[:error] = I18n.t(:"fiona7.invalid_credentails") begin redirect_to :back rescue ActionController::RedirectBackError redirect_to scrivito_path(@login_page) end end end def destroy rsession.destroy redirect_to true_root_path end protected def load_login_page @login_page = Fiona7LoginPage.instance || Scrivito::BasicObj.root end def true_root_path if Fiona7.mode == :standalone scrivito_root_path elsif Fiona7.mode == :legacy root_path else raise "Invalid Fiona7.mode = #{Fiona7.mode}" end end def valid_credentials?(login, password) current_login = rsession.user_name rsession.user_name = 'root' Reactor::Cm::User.new(login).has_password?(password) ensure rsession.user_name = current_login unless rsession.user_name == current_login end end end