Topic: restful authentication -- invalid vs not activated

The standard session creation controller provided by the restful authentication plugin looks like this:

    self.current_user = User.authenticate(params[:login], params[:password])
    if logged_in?
      flash[:notice] = "Logged in successfully"
      redirect_to_index("check your email to activate your account")

Is there a way to differentiate an invalid login from somebody who just hasn't activated their account?  What kind of condition can I use in an elsif to tell the difference?

Re: restful authentication -- invalid vs not activated

Sinec the User.authenticate method doesn't differentiate between non-existant and un-authorized users it's a bit tough..

The way I see it I would modify the authenticate method to return some sort of status rather than just nil on failure.

You could put a second check in the create method of the SessionsController too but that feels like an ugly hack.

Neither are very elegant solutions but I wouldn't know how else to do it.