Class: Decidim::Devise::SessionsController

Inherits:

Devise::SessionsController

• Object
• Devise::SessionsController
• Decidim::Devise::SessionsController

Includes:

Decidim::DeviseAuthenticationMethods, Decidim::DeviseControllers

Defined in:

app/controllers/decidim/devise/sessions_controller.rb

Overview

Custom Devise SessionsController to avoid namespace problems.

Instance Method Summary

• #after_sign_out_path_for(user) ⇒ Object
• #create ⇒ Object
• #destroy ⇒ Object

Methods included from UserBlockedChecker

#check_user_block_status, #check_user_not_blocked

Instance Method Details

#after_sign_out_path_for(user) ⇒ Object

# File 'app/controllers/decidim/devise/sessions_controller.rb', line 39

def after_sign_out_path_for(user)
  request.referer || super
end

#create ⇒ Object

# File 'app/controllers/decidim/devise/sessions_controller.rb', line 12

def create
  super do |user|
    if user.admin?
      # Check that the admin password passes the validation and clear the
      # `password_updated_at` field when the password is weak to force a
      # password update on the user.
      #
      # Handles a case when the user registers through the registration
      # form and they are promoted to an admin after that. In this case,
      # the newly promoted admin user would otherwise have to change their
      # password straight away even if they originally registered with a
      # strong password.
      validator = PasswordValidator.new({ attributes: :password })
      user.update!(password_updated_at: nil) unless validator.validate_each(user, :password, sign_in_params[:password])
    end
  end
end

#destroy ⇒ Object

# File 'app/controllers/decidim/devise/sessions_controller.rb', line 30

def destroy
  current_user.invalidate_all_sessions!
  if params[:translation_suffix].present?
    super { set_flash_message! :notice, params[:translation_suffix], { scope: "decidim.devise.sessions" } }
  else
    super
  end
end