40 lines
1.1 KiB
Ruby
40 lines
1.1 KiB
Ruby
class SessionsController < ApplicationController
|
|
require_unregistered_user only: %i[new create]
|
|
# GET /sessions/new
|
|
def new
|
|
@session = Session.new
|
|
end
|
|
|
|
# POST /sessions or /sessions.json
|
|
def create
|
|
@session = Session.new(session_params)
|
|
|
|
respond_to do |format|
|
|
if @session.save
|
|
session[:current_user_id] = @session.user_id
|
|
|
|
format.html { redirect_to root_url, notice: "Session was successfully created." }
|
|
format.json { render :show, status: :created, location: @session }
|
|
else
|
|
format.html { render :new, status: :unprocessable_entity, alert: @session.errors }
|
|
format.json { render json: @session.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# DELETE /sessions/1 or /sessions/1.json
|
|
def destroy
|
|
session[:current_user_id] = nil
|
|
|
|
respond_to do |format|
|
|
format.html { redirect_to new_session_url, notice: "Session was successfully destroyed." }
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
|
|
private
|
|
# Only allow a list of trusted parameters through.
|
|
def session_params
|
|
params.require(:session).permit(:email, :password)
|
|
end
|
|
end
|