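# API authentication endpoints: exchange credentials for a session token
# (login) and invalidate that token again (logout).
class Api::AuthController < ApplicationController
  # CSRF verification is switched off for every action here. That is only sound
  # while callers authenticate with the explicit token parameter and never
  # through a browser cookie session.
  # NOTE(review): params[:access_code] and params[:session_token] are secrets;
  # confirm both are listed in config.filter_parameters so they stay out of logs.
  skip_before_filter :verify_authenticity_token

  # Authenticates a member by e-mail address and access code.
  #
  # Reads params[:username] and params[:access_code]. Sets @out to
  # [true, session_token] on success and to [false, message] otherwise.
  def login
    # to_s turns a missing or non-string parameter into a plain string, so the
    # finder below never receives nil, an Array or a Hash.
    username = params[:username].to_s
    access = params[:access_code].to_s

    # find_by_email(nil) would look for a row whose email IS NULL rather than
    # fail the lookup, so empty credentials are rejected before the query.
    user = nil
    user = Member.find_by_email(username) unless username.empty? || access.empty?

    if user && user.valid_password?(access)
      # NOTE(review): the token is saved as generated and later matched by plain
      # equality in logout; no expiry is visible in this controller - confirm
      # that token lifetime is enforced elsewhere.
      user.session_token = SecureRandom.hex
      @out = if user.save
               [true, user.session_token]
             else
               [false, "Error occurs in login process."]
             end
    else
      # One message for both an unknown e-mail and a wrong access code, so the
      # response body does not disclose which accounts exist.
      @out = [false, "Sorry!Unauthorized user!"]
    end
  end

  # Invalidates the session identified by params[:session_token].
  #
  # Sets @user to the matching member, or leaves it nil when the token is
  # missing, empty or unknown. Returns the member only when the cleared token
  # was saved.
  def logout
    login_token = params[:session_token].to_s

    # A missing token must never reach the finder: find_by_session_token(nil)
    # matches any member whose token is NULL, i.e. every member this action has
    # already logged out, and would expose that record through @user.
    @user = login_token.empty? ? nil : Member.find_by_session_token(login_token)
    return unless @user

    @user.session_token = nil
    @user if @user.save
  end
end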