class SessionsController < ApplicationController # GET /sessions/new # GET /sessions/new.json def new @session = Session.new respond_to do |format| format.html # new.html.erb format.json { render json: @session } end end # POST /sessions # POST /sessions.json def create login = Session.new(session_params) hash = SessionsController.create_password_digest login.username, login.password user = User.where(name: login.username, password: hash) if user.length < 1 redirect_to login_path, notice: 'Username or password incorrect' return end session[:user] = user[0].id session.delete(:anon_user) respond_to do |format| format.html { redirect_to dashboard_path, notice: 'Login successful.' } format.json { render json: true, status: :created } end end # GET /logout def destroy session.delete(:user) session.delete(:anon_user) respond_to do |format| format.html { redirect_to homepage_path, notice: 'Logged out!' } format.json { head :no_content } end end def self.create_password_digest(username, password) require 'digest' Digest::MD5.hexdigest(username + "'s password IS... " + password + ' (lol!)') end private def session_params params.require(:session).permit(:username, :password) end end