1  class Admin::WelcomeController < ApplicationController
   2    no_login_required
   3    before_filter :never_cache
   4    skip_before_filter :verify_authenticity_token
   5    
   6    def index
   7      redirect_to admin_pages_url
   8    end
   9    
  10    def login
  11      if request.post?
  12        @username_or_email = params[:username_or_email]
  13        password = params[:password]
  14        announce_invalid_user unless self.current_user = User.authenticate(@username_or_email, password)
  15      end
  16      if current_user
  17        if params[:remember_me]
  18          current_user.remember_me
  19          set_session_cookie
  20        end
  21        redirect_to (session[:return_to] || welcome_url)
  22        session[:return_to] = nil
  23      end
  24    end
  25    
  26    def logout
  27      request.cookies[:session_token] = { :expires => 1.day.ago.utc }
  28      self.current_user.forget_me if self.current_user
  29      self.current_user = nil
  30      announce_logged_out
  31      redirect_to login_url
  32    end
  33    
  34    private
  35    
  36      def never_cache
  37        expires_now
  38      end
  39    
  40      def announce_logged_out
  41        flash[:notice] = t('welcome_controller.logged_out')
  42      end
  43      
  44      def announce_invalid_user
  45        flash.now[:error] = t('welcome_controller.invalid_user')
  46      end
  47      
  48  end