Sha256: fc907b82fbf76f5b47d289f37f12bb684d24a481af5a08672b14c6c3c8dd6439

Contents?: true

Size: 1.48 KB

Versions: 1

Compression:

Stored size: 1.48 KB

Contents

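# Sign-in, sign-out and session listing for the current user.
class SessionsController < ApplicationController
  # The sign-in form and its submission must be reachable without a session.
  skip_before_action :authenticate, only: %i[ new create ]

  <%- if options.lockable? -%>
  # NOTE(review): `attempts: 20` is written as a callback option. before_action
  # itself only interprets only/except/if/unless/prepend, so confirm that
  # require_lock (defined outside this file) really receives this limit and
  # that the effective lockout threshold is the intended one.
  before_action :require_lock, attempts: 20, only: :create
  <%- end -%>
  before_action :set_session, only: :destroy

  # Lists the signed-in user's sessions, newest first.
  def index
    @sessions = Current.user.sessions.order(created_at: :desc)
  end

  # Renders the sign-in form with a blank User.
  def new
    @user = User.new
  end

  # Verifies the submitted email/password pair and signs the user in.
  #
  # The failure branch uses one message for both "unknown email" and "wrong
  # password", so the response text does not reveal which accounts exist.
  def create
    # When no user matches, `authenticate` is never called, so (presumably) no
    # password hash is computed and the response may be measurably faster than
    # for an existing account. NOTE(review): on Rails 7.1+ `authenticate_by`
    # is designed to close this timing gap; confirm the minimum supported
    # Rails version before switching.
    user = User.find_by(email: params[:email])

    if user&.authenticate(params[:password])
      <%- if two_factor? -%>
      if user.otp_secret
        # Password is correct but no session exists yet: hand over a signed id
        # that is bound to this purpose and expires after 20 minutes. The token
        # travels in the redirect URL, so it can show up in logs and history;
        # the challenge controller (not shown here) has to check the purpose.
        signed_id = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)

        redirect_to new_two_factor_authentication_challenge_path(token: signed_id)
      else
        start_session_for(user)

        redirect_to root_path, notice: "Signed in successfully"
      end
      <%- else -%>
      start_session_for(user)

      redirect_to root_path, notice: "Signed in successfully"
      <%- end -%>
    else
      # The submitted email is echoed back as a query parameter, which means it
      # ends up in the redirect URL (server logs, browser history).
      redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
    end
  end

  # Deletes the session loaded by set_session and returns to the session list.
  #
  # The session_token cookie is not removed here. NOTE(review): presumably the
  # authenticate filter rejects a token whose Session row is gone; confirm.
  def destroy
    @session.destroy
    redirect_to sessions_path, notice: "That session has been logged out"
  end

  private
    # Loads the session through the current user's association, so an id that
    # belongs to another user's session is not found instead of being destroyed.
    def set_session
      @session = Current.user.sessions.find(params[:id])
    end

    # Creates a Session record for +user+ and stores its id in the signed
    # session_token cookie. Kept in one place so every sign-in path issues the
    # cookie with the same attributes.
    #
    # The cookie is signed (tamper-evident, not encrypted), HttpOnly and
    # "permanent" (a far-future expiry), so its real lifetime is bounded by
    # the Session row being deleted server-side. No `secure:` or `same_site:`
    # is set here; those depend on application configuration such as
    # `config.force_ssl`. NOTE(review): confirm they are enabled in production.
    def start_session_for(user)
      @session = user.sessions.create!
      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
    end
end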

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
authentication-zero-2.16.4 lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt