There are nice authentication frameworks out there.. I suggest trying those. You can use them or study them until you understand how to make your own.
Check out http://railsforum.com/viewtopic.php?id=14216&p=1 On Thu, Sep 18, 2008 at 8:08 PM, Gilbert Gift Siima <[EMAIL PROTECTED]> wrote: > > Hello all. > > I have been trying to develop an authentication program. I have been > able to redirect a user to any page but have not been able to > pesonalise it so that users can only access their personal accounts. > thank you > > > > class UserController < ApplicationController > > def login > > @user = User.new > @user.username = params[:username] > > end > > def process_login > if user = User.authenticate(params[:user]) > session[:id] = user.id && params[:username] != 'admin'# > Remember the user's id during this session > > #if User.username == 'admin' > redirect_to session[:return_to] || '/customer/new' > else > > if user = User.authenticate(params[:user]) && > params[:username] == 'admin' > session[:id] = user.id > redirect_to session[:return_to] || '/' > else > flash[:error] = 'Invalid login.' > redirect_to :action => 'login', :username => params[:user][:username] > end > end > > end > > def logout > reset_session > flash[:message] = 'Logged out.' > redirect_to :action => 'login' > > end > > def my_account > end > end > > > -- > Love is the greatest > > > > -- Ramon Tayag --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---