|
@@ -9,20 +9,28 @@ class UsersController < ApplicationController |
|
|
|
|
|
|
|
|
def login |
|
|
def login |
|
|
if request.post? |
|
|
if request.post? |
|
|
if params[:username].nil? || params[:username].empty? || |
|
|
|
|
|
params[:password].nil? || params[:password].empty? |
|
|
|
|
|
|
|
|
if params[:username].blank? || params[:password].blank? |
|
|
flash.now[:alert] = 'Both a character name and password are required.' |
|
|
flash.now[:alert] = 'Both a character name and password are required.' |
|
|
render 'login' and return |
|
|
render 'login' and return |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|
user = User.find_by(name: params[:username]) |
|
|
user = User.find_by(name: params[:username]) |
|
|
if user.nil? || !user.authenticate(params[:password]) |
|
|
if user.nil? || !user.authenticate(params[:password]) |
|
|
flash.now[:alert] = 'Incorrect character name or password.' |
|
|
flash.now[:alert] = 'Incorrect character name or password.' |
|
|
render 'login' and return |
|
|
render 'login' and return |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|
flash.now[:alert] = 'Login successful.' |
|
|
|
|
|
render 'login' and return |
|
|
|
|
|
# redirect_to root_url |
|
|
|
|
|
|
|
|
allow_non_corp = AdminSettings.get_bool(:allow_non_corp) |
|
|
|
|
|
if !allow_non_corp && !user.in_corp? && !user.admin? |
|
|
|
|
|
corp_name = AdminSettings.get_bool(:corp_name) |
|
|
|
|
|
flash[:alert] = "You are not a member of #{corp_name}, and access to "\ |
|
|
|
|
|
"this site is disallowed for non-corp members." |
|
|
|
|
|
redirect_to root_url and return |
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
session[:user_id] = user.id |
|
|
|
|
|
flash[:notice] = 'Login successful!' |
|
|
|
|
|
redirect_to root_url |
|
|
end |
|
|
end |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|