app/controllers/authentication_controller.rb
class AuthenticationController < PublicController
def create
user = User.find_by_email(params[:email].downcase)
if user && user.authenticate(params[:password])
session[:user_id] = user.id
redirect_back_or(projects_path)
else
@sign_in_error = "Username / password combination is invalid"
render :new
end
end
def destroy
session.clear
redirect_to root_path
end
end