From 938cbcd8625b4bc1eb6f0c5b2ce54bc85b34a3e5 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sun, 28 Feb 2010 14:36:07 +0000 Subject: [PATCH] Allow a logged in user to relogin as a different user just by visiting the login page. --- app/controllers/user_controller.rb | 40 ++++++++++++++---------------- app/views/user/login.html.erb | 4 +-- 2 files changed, 20 insertions(+), 24 deletions(-) diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 5b6222a98..db8a509bd 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -146,43 +146,39 @@ class UserController < ApplicationController def new @title = t 'user.new.title' - # The user is logged in already, so don't show them the signup page, instead - # send them to the home page + # The user is logged in already, so don't show them the signup + # page, instead send them to the home page redirect_to :controller => 'site', :action => 'index' if session[:user] end def login - if params[:user] and session[:user].nil? + @title = t 'user.login.title' + + if params[:user] email_or_display_name = params[:user][:email] pass = params[:user][:password] user = User.authenticate(:username => email_or_display_name, :password => pass) + if user session[:user] = user.id session_expires_after 1.month if params[:remember_me] - elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true) + + # The user is logged in, if the referer param exists, redirect + # them to that unless they've also got a block on them, in + # which case redirect them to the block so they can clear it. + if user.blocked_on_view + redirect_to user.blocked_on_view, :referrer => params[:referrer] + elsif params[:referer] + redirect_to params[:referer] + else + redirect_to :controller => 'site', :action => 'index' + end + elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true) flash.now[:error] = t 'user.login.account not active' else flash.now[:error] = t 'user.login.auth failure' end end - - if session[:user] - # The user is logged in, if the referer param exists, redirect them to that - # unless they've also got a block on them, in which case redirect them to - # the block so they can clear it. - user = User.find(session[:user]) - block = user.blocked_on_view - if block - redirect_to block, :referrer => params[:referrer] - elsif params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - return - end - - @title = t 'user.login.title' end def logout diff --git a/app/views/user/login.html.erb b/app/views/user/login.html.erb index 72b7e3026..cf7f4a819 100644 --- a/app/views/user/login.html.erb +++ b/app/views/user/login.html.erb @@ -5,8 +5,8 @@ <% form_tag :action => 'login' do %> <%= hidden_field_tag('referer', h(params[:referer])) %> - - + + -- 2.43.2
<%= t 'user.login.email or username' %><%= text_field('user', 'email',{:size => 28, :maxlength => 255, :tabindex => 1}) %>
<%= t 'user.login.password' %><%= password_field('user', 'password',{:size => 28, :maxlength => 255, :tabindex => 2}) %> (<%= link_to t('user.login.lost password link'), :controller => 'user', :action => 'lost_password' %>)
<%= t 'user.login.email or username' %><%= text_field('user', 'email',{:value => "", :size => 28, :maxlength => 255, :tabindex => 1}) %>
<%= t 'user.login.password' %><%= password_field('user', 'password',{:value => "", :size => 28, :maxlength => 255, :tabindex => 2}) %> (<%= link_to t('user.login.lost password link'), :controller => 'user', :action => 'lost_password' %>)
<%= check_box_tag "remember_me", "yes", false, :tabindex => 3 %>
 
<%= submit_tag t('user.login.login_button'), :tabindex => 3 %>