Protected::Engine.routes.draw do
  devise_for :users, {
      :skip => :all,
      :class_name => 'Protected::User',
      :controllers => { :sessions => 'protected/sessions', 
                        :passwords => "protected/passwords" },
      :module => :devise
  }

  devise_scope :user do
    get "sign_in", :to => "sessions#new", :as => "new_user_session"
    post "sessions", :to => "sessions#create", :as => "user_session"
    get "sign_out", :to => "sessions#destroy", :as => "destroy_user_session"
    get 'first_login', :to => 'sessions#first_login', :as => 'first_login'
    put 'update_first_login', :to => 'sessions#update_first_login', :as => 'update_first_login'
    put "password", :to => "passwords#update", :as => "update_password"
    post "password", :to => "passwords#create", :as => "create_password"
    get "password/new", :to => "passwords#new", :as => "new_user_password"
    get "password/edit", :to => "passwords#edit", :as => "edit_user_password"
    match 'not_authorized', :to => 'sessions#not_authorized'
  end

  resources :users, :only => [:edit, :update]
  namespace :admin do
    resources :users do
      member do
        get :unlock
        get :confirm_delete
      end
    end
  end
  match '/admin/', :to => 'admin/users#index', :via => [:get, :post]
  root :to => 'sessions#new'
end