This topic needs a title

Hello all.

I have been trying to develop an authentication program. I have been
able to redirect a user to any page but have not been able to
pesonalise it so that users can only access their personal accounts.
thank you

class UserController < ApplicationController

  def login

      @user = User.new
      @user.username = params[:username]

  end

  def process_login
    if user = User.authenticate(params[:user])
        session[:id] = user.id && params[:username] != 'admin'#
Remember the user's id during this session

          #if User.username == 'admin'
          redirect_to session[:return_to] || '/customer/new'
          else
          
        if user = User.authenticate(params[:user]) &&
params[:username] == 'admin'
        session[:id] = user.id
          redirect_to session[:return_to] || '/'
      else
        flash[:error] = 'Invalid login.'
        redirect_to :action => 'login', :username => params[:user][:username]
        end
      end

  end

  def logout
     reset_session
      flash[:message] = 'Logged out.'
      redirect_to :action => 'login'

  end

  def my_account
  end
end

On 9/18/08, Gilbert Gift Siima <giftsiima@gmail.com> wrote:>> Hello
all.>> I have been trying to develop an authentication program. I have

able to redirect a user to any page but have not been able to>

pesonalise it so that users can only access their personal accounts.>
thank you>>I am using ruby 1.8 and here is my controller>> class
UserController < ApplicationController>> def login>> @user =
User.new> @user.username = params[:username]>> end>> def
process_login> if user = User.authenticate(params[:user])>
session[:id] = user.id && params[:username] != 'admin'#> Remember the
user's id during this session>> #if User.username == 'admin'>
         redirect_to session[:return_to] || '/customer/new'>

         > if user = User.authenticate(params[:user])

&&> params[:username] == 'admin'> session[:id] = user.id>
    redirect_to session[:return_to] || '/' > else>
flash[:error] = 'Invalid login.'> redirect_to :action =>
'login', :username =>> params[:user][:username]> end>

  >> def logout> reset_session> flash[:message] =

'Logged out.'> redirect_to :action => 'login'>> end>> def
my_account> end> end>>> -- > Love is the greatest>>
greatest

There are nice authentication frameworks out there.. I suggest trying
those. You can use them or study them until you understand how to
make your own.

Check out http://railsforum.com/viewtopic.php?id=14216&p=1