app/controllers/sessions_controller.rb

   1 class SessionsController < ApplicationController
   2
   3   def new
   4   end
   5
   6   def create
   7     self.current_user = User.authenticate(params[:login], params[:password])
   8     if logged_in?
   9       if params[:remember_me] == "1"
  10         self.current_user.remember_me
  11         cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
  12       end
  13       redirect_back_or_default('/')
  14       flash[:notice] = "Logged in successfully"
  15     else
  16       flash.now[:notice] = "Log in failed. Maybe wrong username/password ?"
  17       render :action => 'new'
  18     end
  19   end
  20
  21   def destroy
  22     self.current_user.forget_me if logged_in?
  23     cookies.delete :auth_token
  24     reset_session
  25     flash[:notice] = "You have been logged out."
  26     redirect_back_or_default('/')
  27   end
  28 end