diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
index 52716b6f..fed1dc3a 100644
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@@ -69,16 +69,7 @@ class LoginController < ApplicationController
 end
 def logout
- @user.forget_me if logged_in?
- cookies.delete :auth_token
- session['user_id'] = nil
- if ( SITE_CONFIG['authentication_schemes'].include? 'cas') && session[:cas_user]
- CASClient::Frameworks::Rails::Filter.logout(self)
- else
- reset_session
- notify :notice, t('login.logged_out')
- redirect_to_login
- end
+ logout_user
 end
 def expire_session
@@ -149,13 +140,6 @@ class LoginController < ApplicationController
 private
- def redirect_to_login
- respond_to do |format|
- format.html { redirect_to login_path }
- format.m { redirect_to login_path(:format => 'm') }
- end
- end
-
 def should_expire_sessions?
 session['noexpiry'] != "on"
 end
diff --git a/app/controllers/preferences_controller.rb b/app/controllers/preferences_controller.rb
index e1c8638c..0f0d8df9 100644
--- a/app/controllers/preferences_controller.rb
+++ b/app/controllers/preferences_controller.rb
@@ -12,8 +12,11 @@ class PreferencesController < ApplicationController
 user_updated = current_user.update_attributes(params['user'])
 prefs_updated = current_user.preference.update_attributes(params['prefs'])
 if (user_updated && prefs_updated)
- notify :notice, "Preferences updated"
- redirect_to :action => 'index'
+ if !params['user']['password'].blank? # password updated?
+ logout_user t('preferences.password_changed')
+ else
+ preference_updated
+ end
 else
 msg = "Preferences could not be updated: "
 msg += "User model errors; " unless user_updated
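Review bot: In the preferences_controller.rb hunk at -12,8, the new test `if !params['user']['password'].blank?` indexes `params['user']` without checking that the key was submitted. A request carrying only `prefs` would raise NoMethodError on nil here, after both `update_attributes` calls have already run (this assumes `update_attributes(nil)` reports success, which the hunk does not show). A guarded form avoids that: `if params['user'] && params['user']['password'].present?`. Since this branch ends the session on a credential change, a comment above it should say whether sessions in other browsers are also invalidated or only the current one; `logout_user` as added in lib/login_system.rb resets only the current session and the remember-me state. The enclosing method starts and ends outside the hunk.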
@@ -28,4 +31,12 @@ class PreferencesController < ApplicationController
 render :text => l(Date.today, :format => format)
 end
+private
+
+ # Display notification if preferences are successful updated
+ def preference_updated
+ notify :notice, t('preferences.updated')
+ redirect_to :action => 'index'
+ end
+
 end
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 3c908e1d..338d9531 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -659,6 +659,8 @@ en:
 staleness_starts_after: Staleness starts after %{days} days
 change_identity_url: Change Your Identity URL
 change_password: Change your password
+ password_changed: You password has been changed, please log on again.
+ updated: Preferences updated
 page_title: TRACKS::Preferences
 title: Your preferences
 token_description: Token (for feeds and API use)
diff --git a/lib/login_system.rb b/lib/login_system.rb
index 8bec423a..8a8a70a1 100644
--- a/lib/login_system.rb
+++ b/lib/login_system.rb
@@ -9,6 +9,22 @@ module LoginSystem
 def prefs
 current_user.prefs unless current_user.nil?
 end
+
+ # Logout the {#current_user} and redirect to login page
+ #
+ # @param [String] message notification to display
+ def logout_user message=t('login.logged_out')
+ @user.forget_me if logged_in?
+ cookies.delete :auth_token
+ session['user_id'] = nil
+ if ( SITE_CONFIG['authentication_schemes'].include? 'cas') && session[:cas_user]
+ CASClient::Frameworks::Rails::Filter.logout(self)
+ else
+ reset_session
+ notify :notice, message
+ redirect_to_login
+ end
+ end
 protected
@@ -132,7 +148,7 @@ module LoginSystem
 def set_current_user(user)
 @user = user
 end
-
+
 # overwrite if you want to have special behavior in case the user is not authorized
 # to access the current operation.
 # the default action is to redirect to the login screen
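Review bot: In the lib/login_system.rb hunk at -9,6, `logout_user` is added above the `protected` keyword, so unless an earlier visibility keyword outside the hunk says otherwise it becomes a public method of every controller that mixes in LoginSystem. Public controller methods are candidate actions in Rails, so depending on the routes (not visible here) each of those controllers could gain a reachable `logout_user` action. Defining it below `protected` keeps it callable from LoginController and PreferencesController without that exposure. The doc comment should also state that `message` is never shown when the CAS branch is taken, so the notice passed from the preferences update is dropped for a session with `cas_user` set.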
@@ -192,4 +208,14 @@ module LoginSystem
 render :text => t('login.unsuccessful'), :status => 401
 end
+private
+
+ # Redirect the user to the login page.
+ def redirect_to_login
+ respond_to do |format|
+ format.html { redirect_to login_path }
+ format.m { redirect_to login_path(:format => 'm') }
+ end
+ end
+
 end
\ No newline at end of file
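Review bot: `redirect_to_login` in lib/login_system.rb answers only the `html` and `m` formats, and with this commit it is also reached from the preferences update through `logout_user`. A password change submitted in any other format would have its session reset and then get whatever `respond_to` does for an unhandled format (probably a 406) rather than a redirect. If preferences can be updated through another format, add a fallback such as `format.any { redirect_to login_path }`; otherwise extend the comment above the method to say that only these two formats are expected.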