--- /dev/null
+class LoginController < ApplicationController
+ layout "admin"
+
+ # Make sure that a user logs in before doing any action here
+ before_filter :authorize, :except => :login
+
+ def add_user
+ @user = User.new(params[:user])
+ if request.post? and @user.save
+ flash.now[:notice] = "User #{@user.name} created"
+ @user = User.new
+ end
+ end
+
+ def login
+ session[:user_id] = nil
+ if request.post?
+ user = User.authenticate(params[:name], params[:password])
+ if user
+ session[:user_id] = user.id
+ redirect_to :action => 'index'
+ else
+ flash[:notice] = "Invalid user/password combination"
+ end
+ end
+ end
+
+ def logout
+ session[:user_id] = nil
+ flash[:notice] = "Logged Out"
+ redirect_to :action => :login
+ end
+
+ def index
+ # No code needed
+ end
+
+ def delete_user
+ if request.post?
+ user = User.find(params[:id])
+ begin
+ user.destroy
+ flash[:notice] = "User #{user.name} deleted"
+ rescue Exception => e
+ flash[:notice] = e.message
+ end
+ end
+ redirect_to(:action => :list_users)
+ end
+
+ def list_users
+ @all_users = User.find(:all)
+ end
+end