summaryrefslogtreecommitdiff
path: root/app/controllers/api/sessions_controller.rb
diff options
context:
space:
mode:
authorNavaL <ayoyo@thoughtworks.com>2016-07-14 15:44:07 +0200
committerNavaL <ayoyo@thoughtworks.com>2016-07-14 15:44:07 +0200
commite3c2cb91dfef5c39c608b967e702e9de977d1bd2 (patch)
tree154dc28dd986bd6e0a48e933c5da46994ffaa0cb /app/controllers/api/sessions_controller.rb
parente2f19bcfb6dbce77746c2d61715340525b29a592 (diff)
parentf09e6ec1337962ab279f021a6a6d0ff30479ebe0 (diff)
Merge branch 'develop' of https://github.com/leapcode/leap_web into feature/expose_admin_in_api
Diffstat (limited to 'app/controllers/api/sessions_controller.rb')
-rw-r--r--app/controllers/api/sessions_controller.rb44
1 files changed, 44 insertions, 0 deletions
diff --git a/app/controllers/api/sessions_controller.rb b/app/controllers/api/sessions_controller.rb
new file mode 100644
index 0000000..c8deb7a
--- /dev/null
+++ b/app/controllers/api/sessions_controller.rb
@@ -0,0 +1,44 @@
+module Api
+ class SessionsController < ApiController
+
+ before_filter :require_login, only: :destroy
+
+ def new
+ @session = Session.new
+ if authentication_errors
+ @errors = authentication_errors
+ render :status => 422
+ end
+ end
+
+ def create
+ logout if logged_in?
+ if params['A']
+ authenticate!
+ else
+ @user = User.find_by_login(params['login'])
+ render :json => {salt: @user.salt}
+ end
+ end
+
+ def update
+ authenticate!
+ @token = Token.create(:user_id => current_user.id)
+ session[:token] = @token.id
+ render :json => login_response
+ end
+
+ def destroy
+ logout
+ head :no_content
+ end
+
+ protected
+
+ def login_response
+ handshake = session.delete(:handshake) || {}
+ handshake.to_hash.merge(:id => current_user.id, :token => @token.to_s)
+ end
+
+ end
+end