Class: ActionAuth::SessionsController
- Inherits: ApplicationController
- Inheritance chain: Object → ActionController::Base → ApplicationController → ActionAuth::SessionsController
- Defined in:
- app/controllers/action_auth/sessions_controller.rb
Instance Method Details
#create ⇒ Object
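# File 'app/controllers/action_auth/sessions_controller.rb', line 20

# Signs a user in with an email address and password.
#
# Three outcomes:
# * Bad credentials: redirect to the sign-in form with one generic alert, so
#   the response does not say whether the email or the password was wrong.
# * Good credentials and a second factor on the account: only the pending user
#   id is stored in the Rails session and the browser is sent to the WebAuthn
#   step. No session row and no session_token cookie exist at this point.
# * Good credentials, no second factor: a session row is created and its id is
#   written to the signed, permanent `session_token` cookie.
#
# NOTE(review): the rendered listing this was taken from had lost the
# identifiers after `ActionAuth.configuration.` and in front of
# `.signed.permanent`. `insert_cookie_domain` and `cookies` are restored here;
# confirm both against the source file.
#
# @return [void]
def create
  # authenticate_by looks the user up by email and checks the password in one
  # call; nil means either part failed. Rails documents it as mitigating
  # timing-based enumeration of accounts.
  user = User.authenticate_by(email: params[:email], password: params[:password])

  unless user
    # email_hint puts the submitted address in the redirect URL's query string,
    # so it can show up in access logs and browser history.
    redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
    return
  end

  if user.second_factor_enabled?
    # The password alone must not yield a session: remember who is mid-login
    # and hand over to the WebAuthn step.
    session[:webauthn_user_id] = user.id
    redirect_to new_webauthn_credential_authentications_path
    return
  end

  # Helper defined outside this listing. A truthy result ends the action before
  # any session is issued; presumably the helper has already redirected -
  # confirm.
  return if check_if_email_is_verified(user)

  @session = user.sessions.create

  # httponly keeps the token away from page scripts.
  session_token_hash = { value: @session.id, httponly: true }
  # Secure flag only in production, so plain-HTTP development keeps working.
  session_token_hash[:secure] = true if Rails.env.production?
  session_token_hash[:same_site] = :lax unless Rails.env.test?
  # domain: :all shares the cookie with every subdomain of the site. Each of
  # those hosts then receives the token, so enable it only when all of them
  # are trusted.
  session_token_hash[:domain] = :all if ActionAuth.configuration.insert_cookie_domain

  # signed: tamper-evident but not encrypted, so the session id is readable by
  # the client. permanent: Rails sets a 20-year expiry, so revoking access
  # depends on destroying the server-side session row.
  cookies.signed.permanent[:session_token] = session_token_hash
  redirect_to main_app.root_path, notice: "Signed in successfully"
end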
#destroy ⇒ Object
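# File 'app/controllers/action_auth/sessions_controller.rb', line 40

# Revokes one of the current user's sessions and clears the browser's
# session_token cookie.
#
# The lookup goes through `Current.user.sessions`, so an id that belongs to
# another user is not found and cannot be revoked from here.
#
# Changes against the rendered listing:
# * The listing had lost the options-hash variable and the `cookies` receiver;
#   both are restored (`cookie_options` is a local name chosen here).
# * The delete now passes `domain: :all` under the same condition the sign-in
#   action uses when it sets the cookie. Rails only removes a domain-scoped
#   cookie when the delete names the same domain, so without it the cookie
#   stayed in the browser after logout whenever domain sharing was enabled.
#   `insert_cookie_domain` is the configuration attribute the sign-in listing
#   had also lost - confirm the name against the source file.
#
# NOTE(review): the cookie is deleted whichever session id was passed, so
# revoking another device's session from the list also signs this browser
# out - confirm that is intended.
#
# @return [void]
def destroy
  # Server-side revocation comes first: once the row is gone the token is
  # useless even if a copy of the cookie survives somewhere.
  Current.user.sessions.find(params[:id]).destroy

  # Attributes must mirror the ones used when the cookie was set.
  cookie_options = {}
  cookie_options[:secure] = true if Rails.env.production?
  cookie_options[:same_site] = :lax unless Rails.env.test?
  cookie_options[:domain] = :all if ActionAuth.configuration.insert_cookie_domain
  cookies.delete(:session_token, cookie_options)

  # Asks the browser to drop cached responses and origin storage. The
  # directive list does not include cookies; the explicit delete covers that.
  response.headers["Clear-Site-Data"] = '"cache","storage"'
  redirect_to main_app.root_path, notice: "That session has been logged out"
end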
#index ⇒ Object
# File 'app/controllers/action_auth/sessions_controller.rb', line 12

# Lists the signed-in user's sessions, newest first.
#
# The query starts from `Current.user.sessions`, so only sessions that belong
# to the current user are loaded for the view.
#
# @return [Object] the ordered sessions relation assigned to @sessions
def index
  # Read by something outside this listing; presumably a layout flag - confirm.
  @action_auth_wide = true

  own_sessions = Current.user.sessions
  @sessions = own_sessions.order(created_at: :desc)
end
#new ⇒ Object
# File 'app/controllers/action_auth/sessions_controller.rb', line 17

# Shows the sign-in form. The action has no body, so Rails falls through to
# rendering the action's default template.
#
# @return [void]
def new; end