1 files changed, 72 insertions, 50 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 7cb16e8..2f72bf7 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,52 +1,74 @@
 class SessionsController < ApplicationController
-	before_action :set_session, only: [:destroy]
-
-	# GET /sessions/new
-	def new
-		@user = User.new
-		#@session = Session.new
-	end
-	
-	# POST /sessions
-	# POST /sessions.json
-	def create
-		# find the user...
-		@user = User.find_by_email(params[:session][:username_or_email]) || User.find_by_user_name(params[:session][:username_or_email])
-
-		#@session = Session.new(@user)
-		# ... and create a new session
-		respond_to do |format|
-			if @user && @user.authenticate(params[:session][:password])
-				sign_in @user
-				format.html { redirect_to root_path }
-				#format.json { #TODO }
-			else
-				format.html { render action: 'new' }
-				format.json { render json: @user.errors, status: :unprocessable_entity }
-			end
-		end
-	end
-
-	# DELETE /sessions/1
-	# DELETE /sessions/1.json
-	def destroy
-		#@session.destroy
-		sign_out
-		respond_to do |format|
-			format.html { redirect_to root_path }
-			format.json { head :no_content }
-		end
-	end
-
-	private
-
-			# Use callbacks to share common setup or constraints between actions.
-			def set_session
-				#@session = Session.find(cookies[:remember_token])
-			end
-
-			# Never trust parameters from the scary internet, only allow the white list through.
-			def session_params
-				params.require(:session).permit(:session_email, :session_user_name, :session_password)
-			end
+  before_action :set_session, only: [:show, :edit, :update, :destroy]
+
+  # GET /sessions
+  # GET /sessions.json
+  def index
+    @sessions = Session.all
+  end
+
+  # GET /sessions/1
+  # GET /sessions/1.json
+  def show
+  end
+
+  # GET /sessions/new
+  def new
+    @session = Session.new
+  end
+
+  # GET /sessions/1/edit
+  def edit
+  end
+
+  # POST /sessions
+  # POST /sessions.json
+  def create
+    @session = Session.new(session_params)
+
+    respond_to do |format|
+      if @session.save
+        format.html { redirect_to @session, notice: 'Session was successfully created.' }
+        format.json { render action: 'show', status: :created, location: @session }
+      else
+        format.html { render action: 'new' }
+        format.json { render json: @session.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /sessions/1
+  # PATCH/PUT /sessions/1.json
+  def update
+    respond_to do |format|
+      if @session.update(session_params)
+        format.html { redirect_to @session, notice: 'Session was successfully updated.' }
+        format.json { head :no_content }
+      else
+        format.html { render action: 'edit' }
+        format.json { render json: @session.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /sessions/1
+  # DELETE /sessions/1.json
+  def destroy
+    @session.destroy
+    respond_to do |format|
+      format.html { redirect_to sessions_url }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_session
+      @session = Session.find(params[:id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def session_params
+      params.require(:session).permit(:user_id)
+    end
 end