diff options
author | NavaL <ayoyo@thoughtworks.com> | 2016-07-14 15:44:07 +0200 |
---|---|---|
committer | NavaL <ayoyo@thoughtworks.com> | 2016-07-14 15:44:07 +0200 |
commit | e3c2cb91dfef5c39c608b967e702e9de977d1bd2 (patch) | |
tree | 154dc28dd986bd6e0a48e933c5da46994ffaa0cb /app/controllers/api/sessions_controller.rb | |
parent | e2f19bcfb6dbce77746c2d61715340525b29a592 (diff) | |
parent | f09e6ec1337962ab279f021a6a6d0ff30479ebe0 (diff) |
Merge branch 'develop' of https://github.com/leapcode/leap_web into feature/expose_admin_in_api
Diffstat (limited to 'app/controllers/api/sessions_controller.rb')
-rw-r--r-- | app/controllers/api/sessions_controller.rb | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/app/controllers/api/sessions_controller.rb b/app/controllers/api/sessions_controller.rb new file mode 100644 index 0000000..c8deb7a --- /dev/null +++ b/app/controllers/api/sessions_controller.rb @@ -0,0 +1,44 @@ +module Api + class SessionsController < ApiController + + before_filter :require_login, only: :destroy + + def new + @session = Session.new + if authentication_errors + @errors = authentication_errors + render :status => 422 + end + end + + def create + logout if logged_in? + if params['A'] + authenticate! + else + @user = User.find_by_login(params['login']) + render :json => {salt: @user.salt} + end + end + + def update + authenticate! + @token = Token.create(:user_id => current_user.id) + session[:token] = @token.id + render :json => login_response + end + + def destroy + logout + head :no_content + end + + protected + + def login_response + handshake = session.delete(:handshake) || {} + handshake.to_hash.merge(:id => current_user.id, :token => @token.to_s) + end + + end +end |