2015-12-11 15:26:51 -05:00
|
|
|
# controllers/user_sessions_controller.rb
|
2015-07-10 00:19:01 -04:00
|
|
|
class UserSessionsController < ApplicationController
|
|
|
|
def new
|
|
|
|
@user_session = UserSession.new
|
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
|
|
|
@user_session = UserSession.new(user_session_params)
|
|
|
|
|
|
|
|
user = User.find_by_username(params[:user_session][:username])
|
|
|
|
|
|
|
|
if authenticate_user?(user)
|
|
|
|
create_user_session(user)
|
|
|
|
|
2015-07-14 01:22:50 -04:00
|
|
|
redirect_to root_path, notice: 'You have been signed in!'
|
2015-07-10 00:19:01 -04:00
|
|
|
else
|
2015-07-10 15:20:46 -04:00
|
|
|
redirect_to signin_path, alert: 'Username or password was incorrect!'
|
2015-07-10 00:19:01 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
|
|
|
cookies.permanent[:user_session] = nil
|
|
|
|
current_session.destroy if current_session
|
|
|
|
|
2015-07-14 01:22:50 -04:00
|
|
|
redirect_to root_path, notice: 'You have been signed out!'
|
2015-07-10 00:19:01 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def user_session_params
|
|
|
|
params.require(:user_session).permit(:username, :password)
|
|
|
|
end
|
|
|
|
|
|
|
|
def authenticate_user?(user)
|
|
|
|
user && user.authenticate(params[:user_session][:password])
|
|
|
|
end
|
|
|
|
|
|
|
|
def create_user_session(user)
|
|
|
|
user_session = UserSession.new_by_user(user, request.env)
|
|
|
|
|
|
|
|
cookies.permanent[:user_session] = user_session.key
|
|
|
|
end
|
|
|
|
end
|