class SessionsController < ApplicationController # This controller handles the login/logout function of the site. def new #Stub required for Lockdown to grant access end def create password_authentication(params[:login], params[:password]) end def destroy logger.info "resetting session in sessions controller" reset_session flash[:notice] = "You have been logged out." redirect_back_or_default('/') end protected def password_authentication(login, password) set_session_user(User.authenticate(login, password)) if logged_in? successful_login else failed_login end end def failed_login(message = 'Authentication failed.') flash[:error] = message redirect_back_or_default login_path end def successful_login flash[:notice] = "Logged in successfully" redirect_back_or_default Lockdown::System.fetch(:successful_login_path) end end