X-Git-Url: https://irasnyder.com/gitweb/?a=blobdiff_plain;f=app%2Fcontrollers%2Flogin_controller.rb;fp=app%2Fcontrollers%2Flogin_controller.rb;h=93524378d3e0c26eaeeb55142429f0f2d1056e7b;hb=0016f273e94771888df4b73eb334d269f1d4975f;hp=0000000000000000000000000000000000000000;hpb=59603ee071ecc9e0d62ee5410b6f1f8a404f2fc6;p=cs356-p2-videostore.git

diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
new file mode 100644
index 0000000..9352437
--- /dev/null
+++ b/app/controllers/login_controller.rb
@@ -0,0 +1,54 @@
+class LoginController < ApplicationController
+  layout "admin"
+
+  # Make sure that a user logs in before doing any action here
+  before_filter :authorize, :except => :login
+
+  def add_user
+    @user = User.new(params[:user])
+    if request.post? and @user.save
+      flash.now[:notice] = "User #{@user.name} created"
+      @user = User.new
+    end
+  end
+
+  def login
+    session[:user_id] = nil
+    if request.post?
+      user = User.authenticate(params[:name], params[:password])
+      if user
+        session[:user_id] = user.id
+        redirect_to :action => 'index'
+      else
+        flash[:notice] = "Invalid user/password combination"
+      end
+    end
+  end
+
+  def logout
+    session[:user_id] = nil
+    flash[:notice] = "Logged Out"
+    redirect_to :action => :login
+  end
+
+  def index
+    # No code needed
+  end
+
+  def delete_user
+    if request.post?
+      user = User.find(params[:id])
+      begin
+        user.destroy
+        flash[:notice] = "User #{user.name} deleted"
+      rescue Exception => e
+        flash[:notice] = e.message
+      end
+    end
+    redirect_to(:action => :list_users)
+  end
+
+  def list_users
+    @all_users = User.find(:all)
+  end
+end