start to move authentication logic to UserSession.

3 files changed, 14 insertions, 13 deletions

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 5a20c27..3970e08 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,7 +1,7 @@
 class SessionsController < PublicController
   def create
-    if user = User.authenticate(params[:user][:username], params[:user][:password])
-      session[:user_id] = user.id
+    if user_session = UserSession.authenticate(params[:user][:username], params[:user][:password])
+      session[:user_id] = user_session.id
       redirect_to dashboard_path
     else
       flash[:warning] = t("sessions.create.invalid_login")
diff --git a/app/models/user.rb b/app/models/user.rb
index 1f120e3..e762352 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -53,17 +53,6 @@ class User < ActiveRecord::Base
     GoogleDrive.new(self)
   end
 
-  def self.authenticate(username, password)
-    user = User.find_by(
-      "email = :email OR username = :username",
-      username: username.downcase,
-      email: username.downcase
-    )
-    if user.present?
-      user.authenticate(password)
-    end
-  end
-
   private
 
   def create_profile
diff --git a/app/models/user_session.rb b/app/models/user_session.rb
new file mode 100644
index 0000000..c413160
--- /dev/null
+++ b/app/models/user_session.rb
@@ -0,0 +1,12 @@
+class UserSession
+  def self.authenticate(username, password)
+    user = User.find_by(
+      "email = :email OR username = :username",
+      username: username.downcase,
+      email: username.downcase
+    )
+    if user.present?
+      user.authenticate(password)
+    end
+  end
+end