Class LoginController
In: app/controllers/login_controller.rb
Parent: ApplicationController

Ths controller performs double duty. It contains the login action, which is used to log in administrative users.

It also contains the add_user, list_users, and delete_user actions, used to maintain the users table in the database.

The LoginController shares a layout with AdminController

See also: User

Methods

add_user   delete_user   index   list_users   login   logout  

Public Instance methods

add_user()

Add a new user to the database.

[Source]

    # File app/controllers/login_controller.rb, line 47
47:   def add_user
48:     @page_title = "Add a User"
49:     if request.get?
50:       @user = User.new
51:     else
52:       @user = User.new(params[:user])
53:       if @user.save
54:         redirect_to_index("User #{@user.name} created")
55:       end
56:     end
57:   end
delete_user()

Delete the user with the given ID from the database. The model raises an exception if we attempt to delete the last user.

[Source]

    # File app/controllers/login_controller.rb, line 62
62:   def delete_user
63:     id = params[:id]
64:     if id && user = User.find(id)
65:       begin
66:         user.destroy
67:         flash[:notice] = "User #{user.name} deleted"
68:       rescue
69:         flash[:notice] = "Can't delete last user"
70:       end
71:     end
72:     redirect_to(:action => :list_users)
73:   end
index()

The default action displays a status page.

[Source]

    # File app/controllers/login_controller.rb, line 19
19:   def index
20:     @page_title     = "Administer your Store"
21:     @total_orders   = Order.count
22:     @pending_orders = Order.count_pending
23:   end
list_users()

List all the users.

[Source]

    # File app/controllers/login_controller.rb, line 76
76:   def list_users
77:     @page_title = "User List"
78:     @all_users = User.find(:all)
79:   end
login()

Display the login form and wait for user to enter a name and password. We then validate these, adding the user object to the session if they authorize.

[Source]

    # File app/controllers/login_controller.rb, line 29
29:   def login
30:     if request.get?
31:       session[:user] = nil
32:       @user = User.new
33:     else
34:       @user = User.new(params[:user])
35:       logged_in_user = @user.try_to_login
36: 
37:       if logged_in_user
38:         session[:user] = logged_in_user
39:         redirect_to(:action => "index")
40:       else
41:         flash[:notice] = "Invalid user/password combination"
42:       end
43:     end
44:   end
logout()

Logout by clearing the user entry in the session. We then redirect to the login action.

[Source]

    # File app/controllers/login_controller.rb, line 83
83:   def logout
84:     session[:user] = nil
85:     flash[:notice] = "Logged out"
86:     redirect_to(:action => "login")
87:   end

[Validate]