diff options
| -rw-r--r-- | app/controllers/sessions_controller.rb | 25 | ||||
| -rw-r--r-- | app/helpers/sessions_helper.rb | 65 | ||||
| -rw-r--r-- | db/migrate/20140302210209_add_remember_token_to_users.rb | 8 |
3 files changed, 98 insertions, 0 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb new file mode 100644 index 0000000..8a9de56 --- /dev/null +++ b/app/controllers/sessions_controller.rb @@ -0,0 +1,25 @@ +class SessionsController < ApplicationController + + def new + end + + def create + user = User.find_by(email: params[:session][:email].downcase) + if user && user.authenticate(params[:session][:password]) + sign_in user + #redirect goes here + else + render 'new' + end + end + + def destroy + + sign_out + + #I dont know where to redirect to so yeah + # redirect_to sign_in + + end + +end diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb new file mode 100644 index 0000000..29a5c90 --- /dev/null +++ b/app/helpers/sessions_helper.rb @@ -0,0 +1,65 @@ +module SessionsHelper + + def sign_in(user) + #create a new remember token + remember_token = User.new_remember_token + #place token inside of the browser + cookies.permanent[:remember_token] = remember_token + #save the hashed token to the database + user.update_attribute(:remember_token, + User.hash(remember_token)) + #set the current user to be the given user + self.current_user = user + end + +#method creating for self.current_user + def current_user=(user) + remember_token = User.hash(cookies[:remember_token]) + @current_user ||= User.find_by(remember_token: remember_token) + end + + # checks if someone is currently signed in + def signed_in? + !current_user.nil? + end + + def sign_out + current_user.update_attribute(:remember_token, User.hash(User.new_remember_token)) + cookies.delete(:remember_token) + self.current_user = nil + end + +=begin + +This is for anyone that cares about how long a user is signed +in: + +Currently I have a user to be signed in forever unless they +log out (cookies.permanent....). + +If you want to change that, change line 7 to this: + +cookies[:remember_token] = { value: remember_token, + expires: 20.years.from_now.utc } + +which will expire the cookie in 20 years from its date of +creation. + +Oddly enough, this line above is equivalent to the: + +cookies.permanent + +This is just a short cut for this line since most people +create permanent cookies these days. + +Other times are: + +10.weeks.from_now + +5.days.ago + +etc... + +=end + +end diff --git a/db/migrate/20140302210209_add_remember_token_to_users.rb b/db/migrate/20140302210209_add_remember_token_to_users.rb new file mode 100644 index 0000000..6d84942 --- /dev/null +++ b/db/migrate/20140302210209_add_remember_token_to_users.rb @@ -0,0 +1,8 @@ +class AddRememberTokenToUsers < ActiveRecord::Migration + #add a remember me token to the database + #this keeps a user signed in until they sign out + def change + add_column :users, :remember_token, :string + add_index :users, :remember_token + end +end |