1 files changed, 17 insertions, 11 deletions

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 58bf4c6..bcb45aa 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,7 +1,7 @@
 class UsersController < ApplicationController
-	before_action :set_user, only: [:show, :edit, :update, :destroy]
 
 	# GET /users
+
 	# GET /users.json
 	def index
 		@users = User.all
@@ -24,15 +24,17 @@ class UsersController < ApplicationController
 	# POST /users
 	# POST /users.json
 	def create
-		@user = User.new(user_params)
-
-		respond_to do |format|
-			if @user.save
-				format.html { redirect_to @user, notice: 'User was successfully created.' }
-				format.json { render action: 'show', status: :created, location: @user }
-			else
-				format.html { render action: 'new' }
-				format.json { render json: @user.errors, status: :unprocessable_entity }
+		if simple_captcha_valid?
+			@user = User.new(user_params)
+			respond_to do |format|
+				if @user.save
+					sign_in @user
+					format.html { redirect_to root_path, notice: 'User was successfully created.' }
+					format.json { render action: 'show', status: :created, location: @user }
+				else
+					format.html { render action: 'new', status: :unprocessable_entity }
+					format.json { render json: @user.errors, status: :unprocessable_entity }
+				end
 			end
 		end
 	end
@@ -67,8 +69,12 @@ class UsersController < ApplicationController
 		@user = User.find(params[:id])
 	end
 
+	def is_owner?(object)
+		object == current_user
+	end
+
 	# Never trust parameters from the scary internet, only allow the white list through.
 	def user_params
-		params.require(:user).permit(:name, :email, :user_name)
+		params.require(:user).permit(:name, :email, :user_name, :password, :password_confirmation)
 	end
 end