replace Mailer deliver syntax to Rails3 style

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9638 e93f8b46-1217-0410-a6f0-8f06a7374b81

File last commit:

r9455:7af8d7caf064
account_controller.rb
279 lines | 9.1 KiB | text/x-ruby | RubyLexer
/ app / controllers / account_controller.rb
Jean-Philippe Lang
Display latest user's activity on account/show view....
r2064 # Redmine - project management software
Jean-Philippe Lang
Copyright update....
r9453 # Copyright (C) 2006-2012 Jean-Philippe Lang
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 #
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780 #
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780 #
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AccountController < ApplicationController
helper :custom_fields
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780 include CustomFieldsHelper
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # prevents login action to be filtered by check_if_login_required application scope filter
Jean-Philippe Lang
AccountController#show (/account/show/:id) moved to UsersController#show (/users/:id)....
r2874 skip_before_filter :check_if_login_required
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330
# Login request and validation
def login
if request.get?
Eric Davis
Refactor: Extract method...
r3423 logout_user
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 else
Eric Davis
Refactor: Extract method...
r3424 authenticate_user
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 end
Jean-Philippe Lang
Friendly response when the LDAP connection fails....
r8791 rescue AuthSourceException => e
logger.error "An error occured when authenticating #{params[:username]}: #{e.message}"
render_error :message => e.message
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 end
# Log out current user and redirect to welcome page
def logout
Eric Davis
Refactor: Extract method...
r3423 logout_user
Jean-Philippe Lang
Added a named route for the home page....
r749 redirect_to home_url
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # Enable user to choose a new password
def lost_password
Jean-Philippe Lang
Added a named route for the home page....
r749 redirect_to(home_url) && return unless Setting.lost_password?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 if params[:token]
@token = Token.find_by_action_and_value("recovery", params[:token])
Jean-Philippe Lang
Added a named route for the home page....
r749 redirect_to(home_url) && return unless @token and !@token.expired?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 @user = @token.user
if request.post?
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
if @user.save
@token.destroy
flash[:notice] = l(:notice_account_password_updated)
redirect_to :action => 'login'
return
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780 end
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 end
render :template => "account/password_recovery"
return
else
if request.post?
user = User.find_by_mail(params[:mail])
# user not found in db
Jean-Philippe Lang
Removes "xxx and return" calls (#4446)....
r3071 (flash.now[:error] = l(:notice_account_unknown_email); return) unless user
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # user uses an external authentification
Jean-Philippe Lang
Removes "xxx and return" calls (#4446)....
r3071 (flash.now[:error] = l(:notice_can_t_change_password); return) if user.auth_source_id
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # create a new token for password recovery
token = Token.new(:user => user, :action => "recovery")
if token.save
Toshi MARUYAMA
replace Mailer deliver syntax to Rails3 style...
r9455 Mailer.lost_password(token).deliver
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 flash[:notice] = l(:notice_account_lost_email_sent)
redirect_to :action => 'login'
return
end
end
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 # User self-registration
def register
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 if request.get?
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 session[:auth_source_registration] = nil
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 @user = User.new(:language => Setting.default_language)
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 else
Jean-Philippe Lang
Removed unsafe attributes assignment....
r8664 @user = User.new
@user.safe_attributes = params[:user]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 @user.admin = false
Eric Davis
Refactor: Add methods to User to edit the encapsulate the status field....
r3792 @user.register
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 if session[:auth_source_registration]
Eric Davis
Refactor: Add methods to User to edit the encapsulate the status field....
r3792 @user.activate
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 @user.login = session[:auth_source_registration][:login]
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 if @user.save
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 session[:auth_source_registration] = nil
Jean-Philippe Lang
Log the user in after registration if account activation is not needed....
r1507 self.logged_user = @user
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 flash[:notice] = l(:notice_account_activated)
Jean-Philippe Lang
Log the user in after registration if account activation is not needed....
r1507 redirect_to :controller => 'my', :action => 'account'
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 end
else
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 @user.login = params[:user][:login]
Jean-Philippe Lang
Fixed registration form broken by r8479....
r8662 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 case Setting.self_registration
when '1'
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_by_email_activation(@user)
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 when '3'
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_automatically(@user)
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
r1661 else
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_manually_by_administrator(@user)
Jean-Philippe Lang
added svn:eol-style native property on /app files...
r330 end
end
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 # Token based account activation
def activate
redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
token = Token.find_by_action_and_value('register', params[:token])
redirect_to(home_url) && return unless token and !token.expired?
user = token.user
Eric Davis
Refactor: Add methods to User to edit the encapsulate the status field....
r3792 redirect_to(home_url) && return unless user.registered?
user.activate
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
r902 if user.save
token.destroy
flash[:notice] = l(:notice_account_activated)
end
redirect_to :action => 'login'
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Jean-Philippe Lang
Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....
r2460 private
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Eric Davis
Refactor: Extract method...
r3424 def authenticate_user
if Setting.openid? && using_open_id?
open_id_authenticate(params[:openid_url])
else
password_authentication
end
end
Eric Davis
Added the ability to login via OpenID....
r2381 def password_authentication
user = User.try_to_login(params[:username], params[:password])
Eric Davis
Extract method...
r3095
Eric Davis
Added the ability to login via OpenID....
r2381 if user.nil?
Eric Davis
Extract method...
r3095 invalid_credentials
Eric Davis
Added the ability to login via OpenID....
r2381 elsif user.new_record?
Eric Davis
Refactor: Use the existing method for failing onthefly creations....
r3094 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
Eric Davis
Added the ability to login via OpenID....
r2381 else
# Valid user
successful_authentication(user)
end
end
def open_id_authenticate(openid_url)
Jean-Philippe Lang
Fixed openid redirect....
r9396 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url, :method => :post) do |result, identity_url, registration|
Eric Davis
Added the ability to login via OpenID....
r2381 if result.successful?
user = User.find_or_initialize_by_identity_url(identity_url)
if user.new_record?
Eric Davis
Prevent registration via OpenID if self registration is off. #699...
r2387 # Self-registration off
redirect_to(home_url) && return unless Setting.self_registration?
Eric Davis
Added the ability to login via OpenID....
r2381 # Create on the fly
Eric Davis
Added tests for the other OpenID authentication cases. #699...
r2384 user.login = registration['nickname'] unless registration['nickname'].nil?
user.mail = registration['email'] unless registration['email'].nil?
user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
Eric Davis
Hooked up on the fly OpenID user creation....
r2382 user.random_password
Eric Davis
Refactor: Add methods to User to edit the encapsulate the status field....
r3792 user.register
Eric Davis
Added user setup needed based on the system's registration settings...
r2385
case Setting.self_registration
when '1'
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_by_email_activation(user) do
Eric Davis
Fixed the bug in the OpenID registration where the form wouldn't take a login...
r2421 onthefly_creation_failed(user)
Eric Davis
Added user setup needed based on the system's registration settings...
r2385 end
when '3'
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_automatically(user) do
Eric Davis
Fixed the bug in the OpenID registration where the form wouldn't take a login...
r2421 onthefly_creation_failed(user)
Eric Davis
Added user setup needed based on the system's registration settings...
r2385 end
Eric Davis
Hooked up on the fly OpenID user creation....
r2382 else
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 register_manually_by_administrator(user) do
Eric Davis
Fixed the bug in the OpenID registration where the form wouldn't take a login...
r2421 onthefly_creation_failed(user)
Eric Davis
Added user setup needed based on the system's registration settings...
r2385 end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780 end
Eric Davis
Added the ability to login via OpenID....
r2381 else
Eric Davis
Hooked up on the fly OpenID user creation....
r2382 # Existing record
Eric Davis
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...
r2420 if user.active?
successful_authentication(user)
else
account_pending
end
Eric Davis
Added the ability to login via OpenID....
r2381 end
end
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Eric Davis
Added the ability to login via OpenID....
r2381 def successful_authentication(user)
# Valid user
self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
Jean-Philippe Lang
Makes the autologin cookie configurable (#1763)....
r4636 set_autologin_cookie(user)
Eric Davis
Added the ability to login via OpenID....
r2381 end
Eric Davis
Added a plugin hook for :controller_account_success_authentication_after...
r2533 call_hook(:controller_account_success_authentication_after, {:user => user })
Eric Davis
Added the ability to login via OpenID....
r2381 redirect_back_or_default :controller => 'my', :action => 'page'
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Jean-Philippe Lang
Makes the autologin cookie configurable (#1763)....
r4636 def set_autologin_cookie(user)
token = Token.create(:user => user, :action => 'autologin')
cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
cookie_options = {
:value => token.value,
:expires => 1.year.from_now,
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
Jean-Philippe Lang
Set the httponly flag on the autologin cookie....
r4637 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
:httponly => true
Jean-Philippe Lang
Makes the autologin cookie configurable (#1763)....
r4636 }
cookies[cookie_name] = cookie_options
end
Eric Davis
Added the ability to login via OpenID....
r2381
Eric Davis
Added user setup needed based on the system's registration settings...
r2385 # Onthefly creation failed, display the registration form to fill/fix attributes
def onthefly_creation_failed(user, auth_source_options = { })
@user = user
session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
render :action => 'register'
end
Eric Davis
Extract method...
r3095 def invalid_credentials
Eric Davis
Log failed user logins to the Rails logger...
r3297 logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
Eric Davis
Extract method...
r3095 flash.now[:error] = l(:notice_account_invalid_creditentials)
end
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 # Register a user for email activation.
#
# Pass a block for behavior when a user fails to save
def register_by_email_activation(user, &block)
token = Token.new(:user => user, :action => "register")
if user.save and token.save
Toshi MARUYAMA
replace Mailer deliver syntax to Rails3 style...
r9455 Mailer.register(token).deliver
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 flash[:notice] = l(:notice_account_register_done)
redirect_to :action => 'login'
else
yield if block_given?
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 # Automatically register a user
#
# Pass a block for behavior when a user fails to save
def register_automatically(user, &block)
# Automatic activation
Eric Davis
Refactor: Add methods to User to edit the encapsulate the status field....
r3792 user.activate
Jean-Philippe Lang
Fixes that user's last_login_on was not set when using registration with automatic activation....
r2526 user.last_login_on = Time.now
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 if user.save
self.logged_user = user
flash[:notice] = l(:notice_account_activated)
redirect_to :controller => 'my', :action => 'account'
else
yield if block_given?
end
end
Toshi MARUYAMA
remove trailing white-spaces from app/controllers/account_controller.rb....
r6780
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 # Manual activation by the administrator
#
# Pass a block for behavior when a user fails to save
def register_manually_by_administrator(user, &block)
if user.save
# Sends an email to the administrators
Toshi MARUYAMA
replace Mailer deliver syntax to Rails3 style...
r9455 Mailer.account_activation_request(user).deliver
Eric Davis
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...
r2420 account_pending
Eric Davis
Refactored common methods out of register and open_id_authenticate...
r2386 else
yield if block_given?
end
end
Eric Davis
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...
r2420
def account_pending
flash[:notice] = l(:notice_account_pending)
redirect_to :action => 'login'
end
Jean-Philippe Lang
Initial commit...
r2 end