- def login
- session[:referer] = safe_referer(params[:referer]) if params[:referer]
-
- if params[:username].present? && params[:password].present?
- session[:remember_me] ||= params[:remember_me]
- password_authentication(params[:username], params[:password])
- end
- end
-
- def logout
- @title = t "users.logout.title"
-
- if request.post?
- if session[:token]
- token = UserToken.find_by(:token => session[:token])
- token&.destroy
- session.delete(:token)
- end
- session.delete(:user)
- session_expires_automatically
- if params[:referer]
- redirect_to safe_referer(params[:referer])
- else
- redirect_to :controller => "site", :action => "index"
- end
- end
- end
-
- def confirm
- if request.post?
- token = UserToken.find_by(:token => params[:confirm_string])
- if token&.user&.active?
- flash[:error] = t("users.confirm.already active")
- redirect_to :action => "login"
- elsif !token || token.expired?
- flash[:error] = t("users.confirm.unknown token")
- redirect_to :action => "confirm"
- else
- user = token.user
- user.status = "active"
- user.email_valid = true
- flash[:notice] = gravatar_status_message(user) if gravatar_enable(user)
- user.save!
- referer = safe_referer(token.referer) if token.referer
- token.destroy
-
- if session[:token]
- token = UserToken.find_by(:token => session[:token])
- session.delete(:token)
- else
- token = nil
- end
-
- if token.nil? || token.user != user
- flash[:notice] = t("users.confirm.success")
- redirect_to :action => :login, :referer => referer
- else
- token.destroy
-
- session[:user] = user.id
- session[:fingerprint] = user.fingerprint
-
- redirect_to referer || welcome_path
- end
- end
- else
- user = User.find_by(:display_name => params[:display_name])
-
- redirect_to root_path if user.nil? || user.active?
- end
- end
-
- def confirm_resend
- user = User.find_by(:display_name => params[:display_name])
- token = UserToken.find_by(:token => session[:token])
-
- if user.nil? || token.nil? || token.user != user
- flash[:error] = t "users.confirm_resend.failure", :name => params[:display_name]
- else
- UserMailer.signup_confirm(user, user.tokens.create).deliver_later
- flash[:notice] = t("users.confirm_resend.success", :email => user.email, :sender => Settings.support_email).html_safe
- end
-
- redirect_to :action => "login"
- end
-
- def confirm_email
- if request.post?
- token = UserToken.find_by(:token => params[:confirm_string])
- if token&.user&.new_email?
- self.current_user = token.user
- current_user.email = current_user.new_email
- current_user.new_email = nil
- current_user.email_valid = true
- gravatar_enabled = gravatar_enable(current_user)
- if current_user.save
- flash[:notice] = if gravatar_enabled
- "#{t('users.confirm_email.success')} #{gravatar_status_message(current_user)}"
- else
- t("users.confirm_email.success")
- end
- else
- flash[:errors] = current_user.errors
- end
- current_user.tokens.delete_all
- session[:user] = current_user.id
- session[:fingerprint] = current_user.fingerprint
- redirect_to :action => "account", :display_name => current_user.display_name
- elsif token
- flash[:error] = t "users.confirm_email.failure"
- redirect_to :action => "account", :display_name => token.user.display_name
- else
- flash[:error] = t "users.confirm_email.unknown_token"
- end
- end
- end
-