test/dummy/app/controllers/sessions_controller.rb in formula-1.0.0 vs test/dummy/app/controllers/sessions_controller.rb in formula-1.0.1
- old
+ new
@@ -12,11 +12,11 @@
respond_with(@session)
end
# POST /session
def create
- @session = Session.new(params[:session])
+ @session = Session.new(attributes)
flash[:notice] = 'Session create successful.' if @session.valid?
flash[:error] = 'Session create failed.' if @session.invalid?
authenticate(@session.user) if @session.valid?
@@ -30,8 +30,14 @@
deauthenticate()
respond_to do |format|
format.html { redirect_to(restore(:default => root_path)) }
end
+ end
+
+private
+
+ def attributes
+ params.require(:session).permit(:email, :password)
end
end