Maybe/app/controllers/sessions_controller.rb

class SessionsController < ApplicationController
  before_action :set_session, only: :destroy
  skip_authentication only: %i[new create]

  layout "auth"

  def new
  end

  def create
    if user = User.authenticate_by(email: params[:email], password: params[:password])
      if user.otp_required?
        session[:mfa_user_id] = user.id
        redirect_to verify_mfa_path
      else
        @session = create_session_for(user)
        redirect_to root_path
      end
    else
      flash.now[:alert] = t(".invalid_credentials")
      render :new, status: :unprocessable_entity
    end
  end

  def destroy
    @session.destroy
    redirect_to new_session_path, notice: t(".logout_successful")
  end

  private
    def set_session
      @session = Current.user.sessions.find(params[:id])
    end
end
Initial commit 2024-02-02 09:05:04 -06:00			`class SessionsController < ApplicationController`
Use DB for auth sessions (#1233) * DB sessions * Validations for profile image 2024-10-03 14:42:22 -04:00			`before_action :set_session, only: :destroy`
Centralize auth (#598) 2024-04-03 10:35:55 -04:00			`skip_authentication only: %i[new create]`

Initial commit 2024-02-02 09:05:04 -06:00			`layout "auth"`
Lint files to rubocop omakase standards root ➜ /workspace (fix-rubocop-issues) $ rubocop Inspecting 54 files ...................................................... 54 files inspected, no offenses detected 2024-02-02 16:06:55 +00:00
Initial commit 2024-02-02 09:05:04 -06:00			`def new`
			`end`

			`def create`
			`if user = User.authenticate_by(email: params[:email], password: params[:password])`
Multi-factor authentication (#1817) * Initial pass * Tests for MFA and locale cleanup * Brakeman * Update two-factor authentication status styling * Update app/models/user.rb Co-authored-by: Zach Gollwitzer <zach@maybe.co> Signed-off-by: Josh Pigford <josh@joshpigford.com> * Refactor MFA verification and session handling in tests --------- Signed-off-by: Josh Pigford <josh@joshpigford.com> Co-authored-by: Zach Gollwitzer <zach@maybe.co> 2025-02-06 14:16:53 -06:00			`if user.otp_required?`
			`session[:mfa_user_id] = user.id`
			`redirect_to verify_mfa_path`
			`else`
			`@session = create_session_for(user)`
			`redirect_to root_path`
			`end`
Initial commit 2024-02-02 09:05:04 -06:00			`else`
Centralize auth messages (#269) * Add i18n-tasks * Add auth-related i18n * Centralize auth messages * Remove safe navigation * Revert "Remove safe navigation" This reverts commit 56b5e01e5e0ab9f54a9a5d9f5559e29897d239a4. * Remove newline in Gemfile 2024-02-03 14:17:49 -06:00			`flash.now[:alert] = t(".invalid_credentials")`
Initial commit 2024-02-02 09:05:04 -06:00			`render :new, status: :unprocessable_entity`
			`end`
			`end`
Lint files to rubocop omakase standards root ➜ /workspace (fix-rubocop-issues) $ rubocop Inspecting 54 files ...................................................... 54 files inspected, no offenses detected 2024-02-02 16:06:55 +00:00
Initial commit 2024-02-02 09:05:04 -06:00			`def destroy`
Use DB for auth sessions (#1233) * DB sessions * Validations for profile image 2024-10-03 14:42:22 -04:00			`@session.destroy`
User Onboarding + Bug Fixes (#1352) * Bump min supported date to 20 years * Add basic onboarding * User onboarding * Complete onboarding flow * Cleanup, add user profile update test 2024-10-23 11:20:55 -04:00			`redirect_to new_session_path, notice: t(".logout_successful")`
Initial commit 2024-02-02 09:05:04 -06:00			`end`
Use DB for auth sessions (#1233) * DB sessions * Validations for profile image 2024-10-03 14:42:22 -04:00
			`private`
			`def set_session`
			`@session = Current.user.sessions.find(params[:id])`
			`end`
Initial commit 2024-02-02 09:05:04 -06:00			`end`