42 lines
888 B
Ruby
42 lines
888 B
Ruby
class UserSessionsController < ApplicationController
|
|
def new
|
|
@user_session = UserSession.new
|
|
end
|
|
|
|
def create
|
|
@user_session = UserSession.new(user_session_params)
|
|
|
|
user = User.find_by_username(params[:user_session][:username])
|
|
|
|
if authenticate_user?(user)
|
|
create_user_session(user)
|
|
|
|
redirect_to root_path
|
|
else
|
|
render :new
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
cookies.permanent[:user_session] = nil
|
|
current_session.destroy if current_session
|
|
|
|
redirect_to root_path
|
|
end
|
|
|
|
private
|
|
|
|
def user_session_params
|
|
params.require(:user_session).permit(:username, :password)
|
|
end
|
|
|
|
def authenticate_user?(user)
|
|
user && user.authenticate(params[:user_session][:password])
|
|
end
|
|
|
|
def create_user_session(user)
|
|
user_session = UserSession.new_by_user(user, request.env)
|
|
|
|
cookies.permanent[:user_session] = user_session.key
|
|
end
|
|
end
|