@benphelps
Created March 11, 2014 06:11
class AuthController < ApplicationController
  # Authenticates by email/password and allows one active session per user,
  # pinned to the client IP address for 30 minutes.
  def index
    user = User.find_for_authentication(:email => params[:email])
    # An unknown email returns nil; treat it the same as a wrong password.
    if user && user.valid_password?(params[:password])
      # Named user_session so it does not shadow the controller's session helper.
      user_session = user.session
      if user_session # check for session
        if user_session.expires < Time.now # session has expired, refresh
          user_session.ip_address = request.remote_ip
          user_session.expires = Time.now + 30.minutes
          user_session.save
          user.save
          render :text => 'Success'
        else # session hasn't expired, check remote ip
          if user_session.ip_address == request.remote_ip
            render :text => 'Success'
          else # remote ip didn't match, deny
            render :text => 'Already Logged In'
          end
        end
      else # no session, create one
        user_session = Session.new(
          user: user,
          ip_address: request.remote_ip,
          expires: Time.now + 30.minutes
        )
        user.session = user_session
        user.save
        render :text => 'Success'
      end
    else
      render :text => 'Incorrect Login'
    end
  end
end