I think it is not a good thing to code business login in controllers, in my projects I realized that logic goes to classes in some module under /modules. or maybe in some /model when it is globally used.
For me controllers is an extension of the routers system, they live to 'control' the application flow: what parameters received, what class to instantiate, what function to call, where to redirect, what dict, format, response.headers to return. I always see people asking about class based controllers (maybe because Django has class based views), extending controllers can be a good idea to implement, if possible. but I still prefer to keep my code outside in /modules and use controllers as the "routes bandmaster"
