Mercurial > hg > soundsoftware-site
comparison app/controllers/account_controller.rb @ 1295:622f24f53b42 redmine-2.3
Update to Redmine SVN revision 11972 on 2.3-stable branch
| author | Chris Cannam |
|---|---|
| date | Fri, 14 Jun 2013 09:02:21 +0100 |
| parents | 433d4f72a19b |
| children | 4f746d8966dd |
comparison
equal
deleted
inserted
replaced
| 1294:3e4c3460b6ca | 1295:622f24f53b42 |
|---|---|
| 1 # Redmine - project management software | 1 # Redmine - project management software |
| 2 # Copyright (C) 2006-2012 Jean-Philippe Lang | 2 # Copyright (C) 2006-2013 Jean-Philippe Lang |
| 3 # | 3 # |
| 4 # This program is free software; you can redistribute it and/or | 4 # This program is free software; you can redistribute it and/or |
| 5 # modify it under the terms of the GNU General Public License | 5 # modify it under the terms of the GNU General Public License |
| 6 # as published by the Free Software Foundation; either version 2 | 6 # as published by the Free Software Foundation; either version 2 |
| 7 # of the License, or (at your option) any later version. | 7 # of the License, or (at your option) any later version. |
| 23 skip_before_filter :check_if_login_required | 23 skip_before_filter :check_if_login_required |
| 24 | 24 |
| 25 # Login request and validation | 25 # Login request and validation |
| 26 def login | 26 def login |
| 27 if request.get? | 27 if request.get? |
| 28 logout_user | 28 if User.current.logged? |
| 29 redirect_to home_url | |
| 30 end | |
| 29 else | 31 else |
| 30 authenticate_user | 32 authenticate_user |
| 31 end | 33 end |
| 32 rescue AuthSourceException => e | 34 rescue AuthSourceException => e |
| 33 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}" | 35 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}" |
| 34 render_error :message => e.message | 36 render_error :message => e.message |
| 35 end | 37 end |
| 36 | 38 |
| 37 # Log out current user and redirect to welcome page | 39 # Log out current user and redirect to welcome page |
| 38 def logout | 40 def logout |
| 39 logout_user | 41 if User.current.anonymous? |
| 40 redirect_to home_url | 42 redirect_to home_url |
| 43 elsif request.post? | |
| 44 logout_user | |
| 45 redirect_to home_url | |
| 46 end | |
| 47 # display the logout form | |
| 41 end | 48 end |
| 42 | 49 |
| 43 # Lets user choose a new password | 50 # Lets user choose a new password |
| 44 def lost_password | 51 def lost_password |
| 45 redirect_to(home_url) && return unless Setting.lost_password? | 52 (redirect_to(home_url); return) unless Setting.lost_password? |
| 46 if params[:token] | 53 if params[:token] |
| 47 @token = Token.find_by_action_and_value("recovery", params[:token].to_s) | 54 @token = Token.find_token("recovery", params[:token].to_s) |
| 48 if @token.nil? || @token.expired? | 55 if @token.nil? || @token.expired? |
| 49 redirect_to home_url | 56 redirect_to home_url |
| 50 return | 57 return |
| 51 end | 58 end |
| 52 @user = @token.user | 59 @user = @token.user |
| 90 end | 97 end |
| 91 end | 98 end |
| 92 | 99 |
| 93 # User self-registration | 100 # User self-registration |
| 94 def register | 101 def register |
| 95 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration] | 102 (redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration] |
| 96 if request.get? | 103 if request.get? |
| 97 session[:auth_source_registration] = nil | 104 session[:auth_source_registration] = nil |
| 98 @user = User.new(:language => Setting.default_language) | 105 @user = User.new(:language => current_language.to_s) |
| 99 else | 106 else |
| 100 user_params = params[:user] || {} | 107 user_params = params[:user] || {} |
| 101 @user = User.new | 108 @user = User.new |
| 102 @user.safe_attributes = user_params | 109 @user.safe_attributes = user_params |
| 103 @user.admin = false | 110 @user.admin = false |
| 108 @user.auth_source_id = session[:auth_source_registration][:auth_source_id] | 115 @user.auth_source_id = session[:auth_source_registration][:auth_source_id] |
| 109 if @user.save | 116 if @user.save |
| 110 session[:auth_source_registration] = nil | 117 session[:auth_source_registration] = nil |
| 111 self.logged_user = @user | 118 self.logged_user = @user |
| 112 flash[:notice] = l(:notice_account_activated) | 119 flash[:notice] = l(:notice_account_activated) |
| 113 redirect_to :controller => 'my', :action => 'account' | 120 redirect_to my_account_path |
| 114 end | 121 end |
| 115 else | 122 else |
| 116 @user.login = params[:user][:login] | 123 @user.login = params[:user][:login] |
| 117 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank? | 124 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank? |
| 118 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation] | 125 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation] |
| 130 end | 137 end |
| 131 end | 138 end |
| 132 | 139 |
| 133 # Token based account activation | 140 # Token based account activation |
| 134 def activate | 141 def activate |
| 135 redirect_to(home_url) && return unless Setting.self_registration? && params[:token] | 142 (redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present? |
| 136 token = Token.find_by_action_and_value('register', params[:token]) | 143 token = Token.find_token('register', params[:token].to_s) |
| 137 redirect_to(home_url) && return unless token and !token.expired? | 144 (redirect_to(home_url); return) unless token and !token.expired? |
| 138 user = token.user | 145 user = token.user |
| 139 redirect_to(home_url) && return unless user.registered? | 146 (redirect_to(home_url); return) unless user.registered? |
| 140 user.activate | 147 user.activate |
| 141 if user.save | 148 if user.save |
| 142 token.destroy | 149 token.destroy |
| 143 flash[:notice] = l(:notice_account_activated) | 150 flash[:notice] = l(:notice_account_activated) |
| 144 end | 151 end |
| 167 successful_authentication(user) | 174 successful_authentication(user) |
| 168 end | 175 end |
| 169 end | 176 end |
| 170 | 177 |
| 171 def open_id_authenticate(openid_url) | 178 def open_id_authenticate(openid_url) |
| 172 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url, :method => :post) do |result, identity_url, registration| | 179 back_url = signin_url(:autologin => params[:autologin]) |
| 180 | |
| 181 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => back_url, :method => :post) do |result, identity_url, registration| | |
| 173 if result.successful? | 182 if result.successful? |
| 174 user = User.find_or_initialize_by_identity_url(identity_url) | 183 user = User.find_or_initialize_by_identity_url(identity_url) |
| 175 if user.new_record? | 184 if user.new_record? |
| 176 # Self-registration off | 185 # Self-registration off |
| 177 redirect_to(home_url) && return unless Setting.self_registration? | 186 (redirect_to(home_url); return) unless Setting.self_registration? |
| 178 | 187 |
| 179 # Create on the fly | 188 # Create on the fly |
| 180 user.login = registration['nickname'] unless registration['nickname'].nil? | 189 user.login = registration['nickname'] unless registration['nickname'].nil? |
| 181 user.mail = registration['email'] unless registration['email'].nil? | 190 user.mail = registration['email'] unless registration['email'].nil? |
| 182 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil? | 191 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil? |
| 216 # generate a key and set cookie if autologin | 225 # generate a key and set cookie if autologin |
| 217 if params[:autologin] && Setting.autologin? | 226 if params[:autologin] && Setting.autologin? |
| 218 set_autologin_cookie(user) | 227 set_autologin_cookie(user) |
| 219 end | 228 end |
| 220 call_hook(:controller_account_success_authentication_after, {:user => user }) | 229 call_hook(:controller_account_success_authentication_after, {:user => user }) |
| 221 redirect_back_or_default :controller => 'my', :action => 'page' | 230 redirect_back_or_default my_page_path |
| 222 end | 231 end |
| 223 | 232 |
| 224 def set_autologin_cookie(user) | 233 def set_autologin_cookie(user) |
| 225 token = Token.create(:user => user, :action => 'autologin') | 234 token = Token.create(:user => user, :action => 'autologin') |
| 226 cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin' | |
| 227 cookie_options = { | 235 cookie_options = { |
| 228 :value => token.value, | 236 :value => token.value, |
| 229 :expires => 1.year.from_now, | 237 :expires => 1.year.from_now, |
| 230 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'), | 238 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'), |
| 231 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false), | 239 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false), |
| 232 :httponly => true | 240 :httponly => true |
| 233 } | 241 } |
| 234 cookies[cookie_name] = cookie_options | 242 cookies[autologin_cookie_name] = cookie_options |
| 235 end | 243 end |
| 236 | 244 |
| 237 # Onthefly creation failed, display the registration form to fill/fix attributes | 245 # Onthefly creation failed, display the registration form to fill/fix attributes |
| 238 def onthefly_creation_failed(user, auth_source_options = { }) | 246 def onthefly_creation_failed(user, auth_source_options = { }) |
| 239 @user = user | 247 @user = user |
| 268 user.activate | 276 user.activate |
| 269 user.last_login_on = Time.now | 277 user.last_login_on = Time.now |
| 270 if user.save | 278 if user.save |
| 271 self.logged_user = user | 279 self.logged_user = user |
| 272 flash[:notice] = l(:notice_account_activated) | 280 flash[:notice] = l(:notice_account_activated) |
| 273 redirect_to :controller => 'my', :action => 'account' | 281 redirect_to my_account_path |
| 274 else | 282 else |
| 275 yield if block_given? | 283 yield if block_given? |
| 276 end | 284 end |
| 277 end | 285 end |
| 278 | 286 |