diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb --- a/app/controllers/login_controller.rb +++ b/app/controllers/login_controller.rb @@ -7,32 +7,38 @@ end def login - if (!GraderConfiguration['right.bypass_agreement']) and (!params[:accept_agree]) + user = User.authenticate(params[:login], params[:password]) + unless user + flash[:notice] = 'Wrong password' + redirect_to :controller => 'main', :action => 'login' + return + end + + if (!GraderConfiguration['right.bypass_agreement']) and (!params[:accept_agree]) and !user.admin? flash[:notice] = 'You must accept the agreement before logging in' redirect_to :controller => 'main', :action => 'login' - elsif user = User.authenticate(params[:login], params[:password]) - session[:user_id] = user.id - session[:admin] = user.admin? + return + end + + #process logging in + session[:user_id] = user.id + session[:admin] = user.admin? - # clear forced logout flag for multicontests contest change - if GraderConfiguration.multicontests? - contest_stat = user.contest_stat - if contest_stat.respond_to? :forced_logout - if contest_stat.forced_logout - contest_stat.forced_logout = false - contest_stat.save - end + # clear forced logout flag for multicontests contest change + if GraderConfiguration.multicontests? + contest_stat = user.contest_stat + if contest_stat.respond_to? :forced_logout + if contest_stat.forced_logout + contest_stat.forced_logout = false + contest_stat.save end end - - #save login information - Login.create(user_id: user.id, ip_address: request.remote_ip) + end - redirect_to :controller => 'main', :action => 'list' - else - flash[:notice] = 'Wrong password' - redirect_to :controller => 'main', :action => 'login' - end + #save login information + Login.create(user_id: user.id, ip_address: request.remote_ip) + + redirect_to :controller => 'main', :action => 'list' end def site_login