search

ragegage / robinbanks

Stock price visualizer built with Rails and React
https://www.robinbanks.herokuapp.com/
0 stars 0 forks source link

create session controller #3

Closed ragegage closed 8 years ago

ragegage commented 8 years ago

class Api::SessionController < ApplicationController def create @user = User.find_by_credentials(params[:user][:username] params[:user][:password]) if @user @user.login! status = 200 render 'api/user/show' status: status else status = 500 @errors = @user.errors.full_messages render 'api/user/show' status: status end end def destroy if current_user current_user.logout! status = 200 @user = current_user render 'api/user/show' status: status else status = 500 @errors = ["nobody is logged in"] render 'api/user/show' status: status end end end

ragegage commented 8 years ago

`class ApplicationController < ActionController::Base

Prevent CSRF attacks by raising an exception.

For APIs, you may want to use :null_session instead.

protect_from_forgery with: :exception

def current_user @current_user || User.find_by(session[:session_token]) end

def login! user session[:session_token] = user.reset_session_token! end

def logout! current_user.reset_session_token! end end `