1 class LoginController < ApplicationController
4 # Make sure that a user logs in before doing any action here
5 before_filter :authorize, :only => :index
7 # Only managers can do the following actions
8 before_filter :manager, :only => [:add_user, :delete_user, :list_users]
11 @user = User.new(params[:user])
12 if request.post? and @user.save
13 flash.now[:notice] = "User #{@user.name} created"
19 session[:user_id] = nil
21 user = User.authenticate(params[:name], params[:password])
23 session[:user_id] = user.id
24 redirect_to :action => 'index'
26 flash[:notice] = "Invalid user/password combination"
32 session[:user_id] = nil
33 flash[:notice] = "Logged Out"
34 redirect_to :action => :login
43 user = User.find(params[:id])
46 flash[:notice] = "User #{user.name} deleted"
48 flash[:notice] = e.message
51 redirect_to(:action => :list_users)
55 @all_users = User.find(:all)