updated bits and pieces

Author: Breccan

app/controllers/application_controller.rb

@@ -6,11 +6,29 @@ class ApplicationController < ActionController::Base
   protect_from_forgery # See ActionController::RequestForgeryProtection for details
   filter_parameter_logging :password, :password_confirmation
   helper_method :current_user_session, :current_user
+  before_filter :current_user
 
 
   # Scrub sensitive parameters from your log
   # filter_parameter_logging :password
   private
+
+  def requires_login
+    flash[:error] = "Access Denied: User not logged in"
+    redirect_to root_url unless current_user
+  end
+
+  def requires_no_login
+    flash[:error] = "User already logged in"
+    redirect_to root_url if current_user
+  end
+
+  def redirect_back_or_default(path)
+    redirect_to :back
+  rescue ActionController::RedirectBackError
+    redirect_to path
+  end
+
   def current_user_session
     return @current_user_session if defined?(@current_user_session)
     @current_user_session = UserSession.find

app/controllers/password_resets_controller.rb

@@ -25,7 +25,7 @@ def edit
 
   def update  
     @user.password = params[:user][:password]  
-    @user.password_confirmation = params[:user][: password_confirmation]  
+    @user.password_confirmation = params[:user][:password_confirmation]  
     if @user.save  
       flash[:notice] = "Password successfully updated"  
       redirect_to account_url  

app/controllers/user_sessions_controller.rb

@@ -10,7 +10,7 @@ def create
     @user_session = UserSession.new(params[:user_session])
     if @user_session.save
       flash[:notice] = "Login successful!"
-      redirect_back_or_default account_url
+      redirect_back_or_default root_url
     else
       render :action => :new
     end
@@ -19,6 +19,6 @@ def create
   def destroy
     current_user_session.destroy
     flash[:notice] = "Logout successful!"
-    redirect_back_or_default new_user_session_url
+    redirect_back_or_default root_url
   end
 end

app/controllers/users_controller.rb

@@ -10,7 +10,7 @@ def create
     @user = User.new(params[:user])
     if @user.save
       flash[:notice] = "Account registered!"
-      redirect_back_or_default account_url
+      redirect_back_or_default root_url
     else
       render :action => :new
     end
@@ -28,7 +28,7 @@ def update
     @user = @current_user # makes our views "cleaner" and more consistent
     if @user.update_attributes(params[:user])
       flash[:notice] = "Account updated!"
-      redirect_to account_url
+      redirect_to root_url
     else
       render :action => :edit
     end

config/routes.rb

@@ -5,6 +5,9 @@
   map.resource :account, :controller => "users"
   map.resources :users
   map.resources :password_resets
+  map.login '/login', :controller => :user_sessions, :action => :new
+  map.logout '/logout', :controller => :user_sessions, :action => :destroy
+  map.signup '/signup', :controller => :users, :action => :new
 
   # The priority is based upon order of creation: first created -> highest priority.