demarches-normaliennes/app/controllers/users/sessions_controller.rb

100 lines
2.7 KiB
Ruby
Raw Normal View History

class Users::SessionsController < Sessions::SessionsController
2016-11-14 17:33:45 +01:00
# before_action :configure_sign_in_params, only: [:create]
2015-09-23 10:02:01 +02:00
def demo
return redirect_to root_path if Rails.env.production?
2017-01-03 10:40:09 +01:00
@user = User.new(email: DemoEmails[:user], password: 'password')
render 'new'
end
# GET /resource/sign_in
def new
2017-03-07 10:15:33 +01:00
unless user_return_to_procedure_id.nil? # WTF ?
@dossier = Dossier.new(procedure: Procedure.active(user_return_to_procedure_id))
end
@user = User.new
rescue ActiveRecord::RecordNotFound
error_procedure
end
2015-09-23 10:02:01 +02:00
#POST /resource/sign_in
def create
2017-03-07 10:15:33 +01:00
remember_me = params[:user][:remember_me] == '1'
try_to_authenticate(User, remember_me)
try_to_authenticate(Gestionnaire, remember_me)
try_to_authenticate(Administrateur, remember_me)
if user_signed_in?
current_user.update_attributes(loged_in_with_france_connect: '')
end
if user_signed_in?
redirect_to after_sign_in_path_for(:user)
elsif gestionnaire_signed_in?
location = stored_location_for(:gestionnaire) || backoffice_path
redirect_to location
elsif administrateur_signed_in?
redirect_to admin_path
else
flash.alert = 'Mauvais couple login / mot de passe'
new
render :new, status: 401
end
end
2015-09-23 10:02:01 +02:00
# DELETE /resource/sign_out
2015-10-07 16:38:29 +02:00
def destroy
sign_out :gestionnaire if gestionnaire_signed_in?
sign_out :administrateur if administrateur_signed_in?
2015-10-07 16:38:29 +02:00
if user_signed_in?
connected_with_france_connect = current_user.loged_in_with_france_connect
current_user.update_attributes(loged_in_with_france_connect: '')
2015-10-07 16:38:29 +02:00
sign_out :user
case connected_with_france_connect
when 'entreprise'
redirect_to FRANCE_CONNECT.entreprise_logout_endpoint
return
when 'particulier'
redirect_to FRANCE_CONNECT.particulier_logout_endpoint
return
end
2015-10-07 16:38:29 +02:00
end
respond_to_on_destroy
2015-10-07 16:38:29 +02:00
end
2015-09-23 10:02:01 +02:00
def no_procedure
session['user_return_to'] = nil
redirect_to new_user_session_path
end
private
2015-09-23 10:02:01 +02:00
def error_procedure
flash.alert = t('errors.messages.procedure_not_found')
redirect_to url_for root_path
end
def user_return_to_procedure_id
return nil if session["user_return_to"].nil?
NumberService.to_number session["user_return_to"].split("?procedure_id=").second
end
2017-03-07 10:15:33 +01:00
def try_to_authenticate(klass, remember_me = false)
if resource = klass.find_for_database_authentication(email: params[:user][:email])
if resource.valid_password?(params[:user][:password])
2017-03-07 10:15:33 +01:00
resource.remember_me = remember_me
sign_in resource
2017-02-07 16:56:21 +01:00
resource.force_sync_credentials
set_flash_message :notice, :signed_in
end
end
end
2015-09-23 10:02:01 +02:00
end