app/controllers/sessions_controller.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

class SessionsController < PublicController
  def new
    if current_user.present?
      redirect_to dashboard_path
    else
      @user = User.new
    end
  end

  def create
    if user_session = User.login(
        params[:user][:username],
        params[:user][:password]
    )
      reset_session
      session[:user_id] = user_session.access(request)
      redirect_to dashboard_path
    else
      flash[:warning] = t("sessions.create.invalid_login")
      redirect_to new_session_path
    end
  end

  def destroy
    UserSession.authenticate(session[:user_id]).try(:revoke!)
    reset_session
    redirect_to root_path
  end
end