app/controllers/sessions_controller.rb
class SessionsController < ApplicationController
def new
if logged_in?
redirect_to current_user
else
render 'new'
end
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
flash[:notice] = "Login successful!"
# Log the user in and redirect to the user's show page.
log_in user
params[:session][:remember_me] == '1' ? remember(user) : forget(user)
remember user
redirect_to user
else
# Create an error message.
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
log_out if logged_in?
redirect_to root_url
end
end