Skip to content

Commit

Permalink
first security
Browse files Browse the repository at this point in the history
  • Loading branch information
speedy committed May 27, 2013
1 parent f195f7e commit 18c3eb3
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
2 changes: 2 additions & 0 deletions app/controllers/sessions_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
session[:user_is_admin] = user.is_admin
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
Expand All @@ -15,6 +16,7 @@ def create

def destroy
session[:user_id] = nil
session[:user_is_admin] = nil
#flash.now[:notice] = "TEST MESSAGE"
redirect_to root_url, :notice => "Logged out!"

Expand Down
4 changes: 3 additions & 1 deletion app/views/layouts/application.html.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,9 @@
<div id='cssmenu'>
<ul>
<li/>
<% if (session[:user_is_admin] == true) %>
<li><%= link_to "Home", root_path %></li>
<% end %>
<li class='has-sub'><%= link_to "Repository",
repositories_path %>
<ul>
Expand Down Expand Up @@ -64,7 +66,7 @@
<%= yield %>
</main>
<aside>
TEST

</aside>
</sub>
</div>
Expand Down

0 comments on commit 18c3eb3

Please sign in to comment.