Add Login system

[cs356-p2-videostore.git] / app / controllers / login_controller.rb

diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
new file mode 100644 (file)
index 0000000..9352437
--- /dev/null
+++ b/app/controllers/login_controller.rb
@@ -0,0 +1,54 @@
+class LoginController < ApplicationController
+  layout "admin"
+
+  # Make sure that a user logs in before doing any action here
+  before_filter :authorize, :except => :login
+
+  def add_user
+    @user = User.new(params[:user])
+    if request.post? and @user.save
+      flash.now[:notice] = "User #{@user.name} created"
+      @user = User.new
+    end
+  end
+
+  def login
+    session[:user_id] = nil
+    if request.post?
+      user = User.authenticate(params[:name], params[:password])
+      if user
+        session[:user_id] = user.id
+        redirect_to :action => 'index'
+      else
+        flash[:notice] = "Invalid user/password combination"
+      end
+    end
+  end
+
+  def logout
+    session[:user_id] = nil
+    flash[:notice] = "Logged Out"
+    redirect_to :action => :login
+  end
+
+  def index
+    # No code needed
+  end
+
+  def delete_user
+    if request.post?
+      user = User.find(params[:id])
+      begin
+        user.destroy
+        flash[:notice] = "User #{user.name} deleted"
+      rescue Exception => e
+        flash[:notice] = e.message
+      end
+    end
+    redirect_to(:action => :list_users)
+  end
+
+  def list_users
+    @all_users = User.find(:all)
+  end
+end