sharedlists/app/controllers/sessions_controller.rb
2021-12-19 10:48:54 +01:00

24 lines
514 B
Ruby

class SessionsController < ApplicationController
skip_before_action :login_required!
def new
end
def create
user = User.find_by(email: params[:email])
if user && user.authenticate(params[:password])
session[:user_id] = user.id
flash[:notice] = "Logged in!"
redirect_to root_url
else
flash.now[:error] = "Invalid email or password"
render :new
end
end
def destroy
session[:user_id] = nil
redirect_to root_url, :notice => "Logged out!"
end
end