heartcombo--devise/app/controllers/devise/sessions_controller.rb

class Devise::SessionsController < ApplicationController
  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  include Devise::Controllers::InternalHelpers

  # GET /resource/sign_in
  def new
    resource = build_resource
    clean_up_passwords(resource)
    respond_with_navigational(resource, stub_options(resource)){ render_with_scope :new }
  end

  # POST /resource/sign_in
  def create
    resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
    set_flash_message(:notice, :signed_in) if is_navigational_format?
    sign_in(resource_name, resource)
    respond_with resource, :location => redirect_location(resource_name, resource)
  end

  # GET /resource/sign_out
  def destroy
    signed_in = signed_in?(resource_name)
    Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
    set_flash_message :notice, :signed_out if signed_in

    # We actually need to hardcode this, as Rails default responder doesn't
    # support returning empty response on GET request
    respond_to do |format|
      format.any(*navigational_formats) { redirect_to after_sign_out_path_for(resource_name) }
      format.all do
        method = "to_#{request_format}"
        text = {}.respond_to?(method) ? {}.send(method) : ""
        render :text => text, :status => :ok
      end
    end
  end

  protected

  def stub_options(resource)
    array = resource_class.authentication_keys.dup
    array << :password if resource.respond_to?(:password)
    { :methods => array, :only => [:password] }
  end
end
Update views generator and now have scoped views. 2010-02-17 06:25:20 -05:00			`class Devise::SessionsController < ApplicationController`
Use prepend_before_filter in require_no_authentication. We need to be sure require_no_authentication runs before other user filters that may call some Devise helper (ie current_xxx). Conflicts: app/controllers/devise/passwords_controller.rb app/controllers/devise/registrations_controller.rb app/controllers/devise/sessions_controller.rb app/controllers/devise/unlocks_controller.rb lib/devise/controllers/internal_helpers.rb test/rails_app/app/controllers/application_controller.rb 2010-03-26 07:26:51 -04:00			`prepend_before_filter :require_no_authentication, :only => [ :new, :create ]`
DRY up controllers. 2010-01-13 12:12:13 -05:00			`include Devise::Controllers::InternalHelpers`
Do not include Devise internal helpers in application controller. 2009-10-27 19:26:40 -04:00
Better documentation. 2009-10-17 11:10:15 -04:00			`# GET /resource/sign_in`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`def new`
sessions/new also responds to xml and json now 2011-04-18 03:56:24 -04:00			`resource = build_resource`
			`clean_up_passwords(resource)`
			`respond_with_navigational(resource, stub_options(resource)){ render_with_scope :new }`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`end`

Better documentation. 2009-10-17 11:10:15 -04:00			`# POST /resource/sign_in`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`def create`
Ensure we are pointing to the proper sessions controller on failure. 2010-09-26 15:11:28 -04:00			`resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")`
Add support for non-navigational format response to SessionsController This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication. 2010-12-20 05:08:48 -05:00			`set_flash_message(:notice, :signed_in) if is_navigational_format?`
			`sign_in(resource_name, resource)`
			`respond_with resource, :location => redirect_location(resource_name, resource)`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`end`

Better documentation. 2009-10-17 11:10:15 -04:00			`# GET /resource/sign_out`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`def destroy`
Sign out by default will destroy the existing session. 2010-10-10 10:45:55 -04:00			`signed_in = signed_in?(resource_name)`
Add support for `destory_user_session_path` in another non-navigational formats such as JSON and XML Signed-off-by: José Valim <jose.valim@gmail.com> 2011-01-16 08:31:37 -05:00			`Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)`
Sign out by default will destroy the existing session. 2010-10-10 10:45:55 -04:00			`set_flash_message :notice, :signed_out if signed_in`
Add support for `destory_user_session_path` in another non-navigational formats such as JSON and XML Signed-off-by: José Valim <jose.valim@gmail.com> 2011-01-16 08:31:37 -05:00
Refactor a bit navigational format responses, to not call to_sym and reuse the request_format logic from FailureApp. 2011-03-30 08:09:12 -04:00			`# We actually need to hardcode this, as Rails default responder doesn't`
Add support for `destory_user_session_path` in another non-navigational formats such as JSON and XML Signed-off-by: José Valim <jose.valim@gmail.com> 2011-01-16 08:31:37 -05:00			`# support returning empty response on GET request`
			`respond_to do \|format\|`
			`format.any(*navigational_formats) { redirect_to after_sign_out_path_for(resource_name) }`
Refactor a bit navigational format responses, to not call to_sym and reuse the request_format logic from FailureApp. 2011-03-30 08:09:12 -04:00			`format.all do`
			`method = "to_#{request_format}"`
			`text = {}.respond_to?(method) ? {}.send(method) : ""`
			`render :text => text, :status => :ok`
			`end`
Add support for `destory_user_session_path` in another non-navigational formats such as JSON and XML Signed-off-by: José Valim <jose.valim@gmail.com> 2011-01-16 08:31:37 -05:00			`end`
Configuring session and password controllers as engine, and getting integration tests from devise example app. 2009-10-07 20:46:40 -04:00			`end`
sessions/new also responds to xml and json now 2011-04-18 03:56:24 -04:00
			`protected`

			`def stub_options(resource)`
Other minor improvements in the REST code. 2011-04-19 02:35:03 -04:00			`array = resource_class.authentication_keys.dup`
			`array << :password if resource.respond_to?(:password)`
			`{ :methods => array, :only => [:password] }`
sessions/new also responds to xml and json now 2011-04-18 03:56:24 -04:00			`end`
			`end`