From be2a93525069de2dfa3c23b0c23e7a9f7ad4c03d Mon Sep 17 00:00:00 2001
From: Marius Peter <marius.peter@tutanota.com>
Date: Sun, 29 Dec 2024 15:14:43 +0100
Subject: First commit.

---
 app/controllers/sessions_controller.rb | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 app/controllers/sessions_controller.rb

(limited to 'app/controllers/sessions_controller.rb')

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..9785c92
--- /dev/null
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,21 @@
+class SessionsController < ApplicationController
+  allow_unauthenticated_access only: %i[ new create ]
+  rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." }
+
+  def new
+  end
+
+  def create
+    if user = User.authenticate_by(params.permit(:email_address, :password))
+      start_new_session_for user
+      redirect_to after_authentication_url
+    else
+      redirect_to new_session_path, alert: "Try another email address or password."
+    end
+  end
+
+  def destroy
+    terminate_session
+    redirect_to new_session_path
+  end
+end
-- 
cgit v1.2.3