30 lines
671 B
Ruby
30 lines
671 B
Ruby
class SessionsController < ApplicationController
|
|
def new
|
|
end
|
|
|
|
def create
|
|
@user = User.find_by(email: params[:email])
|
|
unless @user
|
|
redirect_to '/welcome', notice: 'Wrong email address'
|
|
return
|
|
end
|
|
unless @user.authenticate(params[:password])
|
|
redirect_to '/welcome', notice: 'Wrong password'
|
|
return
|
|
end
|
|
if @user.blocked?
|
|
redirect_to '/welcome', notice: 'You are blocked, please contact support'
|
|
return
|
|
end
|
|
session[:user_id] = @user.id
|
|
redirect_to '/welcome'
|
|
end
|
|
|
|
def delete
|
|
session.delete(:user_id)
|
|
redirect_to '/welcome', notice: 'Logged out properly'
|
|
end
|
|
|
|
def welcome
|
|
end
|
|
end
|