Added autologin feature (disabled by default).

To enable this feature, go to administration settings and choose a duration for autologin.
When enabled, a checkbox on the login form lets users activate autologin.

git-svn-id: http://redmine.rubyforge.org/svn/trunk@514 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/controllers/account_controller.rb

@@ -42,6 +42,11 @@ class AccountController < ApplicationController
       user = User.try_to_login(params[:login], params[:password])
       if user
         self.logged_in_user = user
+        # generate a key and set cookie if autologin
+        if params[:autologin] && Setting.autologin?
+          token = Token.create(:user => user, :action => 'autologin')
+          cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
+        end
         redirect_back_or_default :controller => 'my', :action => 'page'
       else
         flash.now[:notice] = l(:notice_account_invalid_creditentials)
@@ -51,6 +56,8 @@ class AccountController < ApplicationController
 
   # Log out current user and redirect to welcome page
   def logout
+    cookies.delete :autologin
+    Token.delete_all(["user_id = ? AND action = ?", logged_in_user.id, "autologin"]) if logged_in_user
     self.logged_in_user = nil
     redirect_to :controller => 'welcome'
   end

app/controllers/application.rb

@@ -40,6 +40,13 @@ class ApplicationController < ActionController::Base
   
   # check if login is globally required to access the application
   def check_if_login_required
+    # no check needed if user is already logged in
+    return true if logged_in_user
+    # auto-login feature
+    autologin_key = cookies[:autologin]
+    if autologin_key && Setting.autologin?
+      self.logged_in_user = User.find_by_autologin_key(autologin_key)
+    end
     require_login if Setting.login_required?
   end