The llogin action is less complicated than the blogin action, so we'll look at that
one now:
def llogin
  # Only a POST counts as a login attempt
  if request.post?
    if auth = Authentication.find_by_username_and_password(
                params[:username], params[:password])
      if librarian = Librarian.find_by_authentication_id(auth.id)
        session[:librarian_id] = librarian.id
        flash[:notice] = "You have been logged in as a Librarian"
        # params[:into] comes from the request (the hidden form field)
        redirect_to params[:into] || {:controller => 'librarians',
                                      :action => 'index'}
        return
      else
        flash[:error] = "You don't have a librarian account"
      end
    else
      flash[:error] = "Wrong username or password"
    end
  end
  # Keep the return target so the view can post it back
  @into = params[:into]
end
CHAPTER 14 - THE LIBLIB RAILS APPLICATION 268
You only consider it a login attempt if it's a POST; otherwise you just set the @into variable.
If it's a POST, you try to find the authentication object with the corresponding username and
password, and then to find a librarian associated with this authentication. If you find one, the
person gets logged in and redirected to the correct place; otherwise an appropriate error message
is displayed.
The view for this action is straightforward (see Listing 14-5).
Listing 14-5. app/views/auth/llogin.rhtml
Please login with your username and password
<%= start_form_tag %>
<%= hidden_field_tag 'into', @into %>
<table>
  <tr><td>Username:</td><td><%= text_field_tag 'username' %></td></tr>
  <tr><td>Password:</td><td><%= password_field_tag 'password' %></td></tr>
  <tr><td><%= submit_tag 'Login' %></td></tr>
</table>
<%= end_form_tag %>
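The action hands params[:into] to redirect_to unchanged, and the view posts it back through a hidden field, so the redirect target is whatever the request supplies. The following is an added example, not code from the book, of a check that accepts only local paths before redirecting; safe_return_path and DEFAULT_TARGET are hypothetical names, and '/librarians' is an assumed path standing in for the librarians index.

```ruby
require 'uri'

# Added example: validate a request-supplied return target such as
# params[:into] before it reaches redirect_to.
# DEFAULT_TARGET is an assumed path for the librarians index.
DEFAULT_TARGET = '/librarians'

# Returns `into` only when it is a plain local path; otherwise `default`.
def safe_return_path(into, default = DEFAULT_TARGET)
  # Request parameters can arrive as nil, an Array or a Hash
  return default unless into.is_a?(String) && !into.empty?
  return default unless into.valid_encoding?
  # Control characters (CR/LF included) and backslashes are never
  # needed in a local path, and some browsers treat "\" like "/"
  return default if into =~ /[\x00-\x1f\x7f\\]/
  # Must be rooted at exactly one "/": "//host/..." is protocol-relative
  return default unless into.start_with?('/') && !into.start_with?('//')
  begin
    uri = URI.parse(into)
  rescue URI::InvalidURIError
    return default
  end
  # Defence in depth: a local path carries no scheme, host or userinfo
  return default if uri.scheme || uri.host || uri.userinfo
  into
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs, not taken from the book
  samples = ['/books/list?page=2', 'https://other.example/x',
             '//other.example/x', '/\\other.example', nil]
  samples.each { |s| puts "#{s.inspect} -> #{safe_return_path(s)}" }
end
```

In llogin, the result of safe_return_path(params[:into]) would take the place of params[:into] in the redirect_to call.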
As mentioned earlier, the blogin action is complex.