Diffstat (limited to 'app/controllers/user_controller.rb')
-rw-r--r--app/controllers/user_controller.rb71
1 files changed, 70 insertions, 1 deletions
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 959630166..084bbbc81 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: user_controller.rb,v 1.6 2007-10-31 12:39:58 francis Exp $
+# $Id: user_controller.rb,v 1.7 2007-10-31 17:25:29 francis Exp $
class UserController < ApplicationController
# XXX See controllers/application.rb simplify_url_part for reverse of expression in SQL below
@@ -12,6 +12,75 @@ class UserController < ApplicationController
@display_users = User.find(:all, :conditions => [ "regexp_replace(replace(lower(name), ' ', '-'), '[^a-z0-9_-]', '', 'g') = ?", params[:simple_name] ], :order => "created_at desc")
end
+ # Login form
+ def signin
+ # The explict signin link uses this to store where it is to go back to
+ if params[:r]
+ session[:intended_uri] = params[:r]
+ session[:intended_params] = nil
+ end
+
+ if not params[:user]
+ # First time page is shown
+ render :template => 'user_accounts/signin' and return
+ else
+ @user = User.authenticate(params[:user][:email], params[:user][:password])
+ if @user
+ # Successful login
+ session[:user] = @user.id
+ post_redirect session[:intended_uri], session[:intended_params] and return
+ else
+ if User.find(:first, :conditions => [ "email = ?", params[:user][:email] ])
+ # Failed to authenticate
+ flash[:error] = "Password not correct, please try again"
+ @user = User.new(params[:user])
+ render :template => 'user_accounts/signin' and return
+ else
+ # "I am new to FOIFA"
+ session[:email] = params[:user][:email]
+ session[:password] = params[:user][:password]
+ session[:first_time] = true
+ redirect_to :action => 'signup' and return
+ end
+ end
+ end
+ end
+
+ # Create new account form
+ def signup
+ # Default to value saved from signin form
+ params[:user] ||= { :email => session[:email] }
+ params[:user] ||= { :password => session[:password] }
+
+ # Make the user and try to save it
+ @user = User.new(params[:user])
+ if not @user.save
+ # First time get to form (e.g. from signin) , don't show errors
+ if session[:first_time]
+ @first_time = true
+ @user.errors.clear
+ session[:first_time] = false
+ end
+ # Show the form
+ render :template => 'user_accounts/signup'
+ else
+ # New user made, redirect back to where we were
+ session[:user] = @user.id
+ post_redirect session[:intended_uri], session[:intended_params] and return
+ end
+ end
+
+ # Logout form
+ def signout
+ session[:user] = nil
+ if params[:r]
+ redirect_to params[:r]
+ else
+ redirect_to :action => "index"
+ end
+ end
+
+
private
end
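Review bot: `session[:password] = params[:user][:password]` in signin writes the plaintext password into the session store whenever the e-mail address is not yet registered, and it stays there for the life of the session. In signup the second `params[:user] ||= { :password => session[:password] }` can never take effect, because the preceding `||=` has already assigned `params[:user]`, so the stored password is not even used. I would drop both password lines, keep only `params[:user] ||= { :email => session[:email] }`, and let the user type the password on the signup form. Separately, `redirect_to params[:r]` in signout follows a caller-supplied URL unchecked, and signin saves the same parameter as `session[:intended_uri]` (presumably redirected to by post_redirect, which is not visible here). Restricting the value to local paths, for example guarding with `if params[:r] =~ %r{\A/(?![/\\])}`, would stop off-site redirects.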