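# Admin entry point: redirects to the pages index and handles sign-in and
# sign-out for the admin interface.
#
# Security notes for reviewers (none of these helpers are defined in this file):
# * NOTE(review): no reset_session is visible on successful authentication.
#   Unless the current_user= setter rotates the session id, the pre-login
#   session id stays valid after sign-in (session fixation) -- confirm.
# * NOTE(review): no throttling or lockout of repeated failed logins is
#   visible here; confirm it is enforced in User.authenticate or upstream.
class Admin::WelcomeController < ApplicationController
  # Declared elsewhere; presumably exempts these actions from the login
  # requirement so that the sign-in page itself is reachable -- confirm.
  no_login_required
  before_filter :never_cache
  # NOTE(review): this turns off Rails' authenticity-token check for every
  # action in this controller, so the login POST is accepted without a CSRF
  # token. If the login form is rendered with the standard form helpers,
  # consider removing this line (or narrowing it with :only) after confirming
  # that nothing legitimate posts here without a token.
  skip_before_filter :verify_authenticity_token

  # Sends the visitor straight to the admin pages listing.
  def index
    redirect_to admin_pages_url
  end

  # Renders the login form and, on POST, attempts to authenticate.
  #
  # On success the user is redirected to session[:return_to] (falling back to
  # welcome_url) and the stored return location is cleared. On failure an
  # error flash is set for the current render.
  def login
    if request.post?
      @username_or_email = params[:username_or_email]
      password = params[:password]
      user = User.authenticate(@username_or_email, password)
      self.current_user = user
      announce_invalid_user unless user
    end

    return unless current_user

    if params[:remember_me]
      current_user.remember_me
      set_session_cookie
    end
    # The redirect target comes from the session rather than from request
    # parameters; whatever stores session[:return_to] is responsible for
    # keeping it a local URL.
    redirect_to(session[:return_to] || welcome_url)
    session[:return_to] = nil
  end

  # Signs the current user out and returns to the login page.
  def logout
    # Drop the server-side remember-me state first, while the user can still
    # be resolved.
    current_user.forget_me if current_user
    # Expire the cookie through the response cookie jar. Assigning into
    # request.cookies only mutates the incoming request's hash and sends no
    # Set-Cookie header, so the browser would keep the token after logout.
    # NOTE(review): if set_session_cookie uses a non-default :path or :domain,
    # pass the same options here -- confirm.
    cookies.delete(:session_token)
    self.current_user = nil
    announce_logged_out
    redirect_to login_url
  end

  private

  # Marks the response as already expired so that login/logout pages are not
  # served from a browser or proxy cache.
  def never_cache
    expires_now
  end

  # Queues the "logged out" notice for the next request (after the redirect).
  def announce_logged_out
    flash[:notice] = t('welcome_controller.logged_out')
  end

  # Shows the "invalid user" error on the current render only. The message is
  # the same whichever credential was wrong.
  def announce_invalid_user
    flash.now[:error] = t('welcome_controller.invalid_user')
  end
end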