recruiter login + index

app/controllers/application_controller.rb

@@ -1,7 +1,21 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 
-  def current_candidate
-    @current_candidate ||= Candidate.find_by(test_hash: session[:test_id])
+  def current_recruiter
+    @current_recruiter ||= User.find_by(id: session[:user]) if session[:user]
   end
+
+  def current_candidate
+    @current_candidate ||= Candidate.find_by(test_hash: session[:test_id]) if session[:test_id]
+  end
+
+  private
+
+    def auth_params
+      params.require(:auth).permit(:email, :password)
+    end
+
+    def authorize_recruiter
+      redirect_to recruiter_login_path unless current_recruiter
+    end
 end

app/controllers/recruiter_controller.rb

@@ -0,0 +1,40 @@
+class RecruiterController < ApplicationController
+  before_action :authorize_recruiter, except: [:login, :auth]
+
+  def index
+    @candidates = current_recruiter.candidates
+  end
+
+  def new
+    @candidate = Candidate.new
+  end
+
+  def create
+  end
+
+  def login
+    redirect_to recruiter_path unless current_recruiter.nil?
+  end
+
+  def auth
+    recruiter = User.find_by(email: auth_params[:email])
+
+    if recruiter && recruiter.authenticate(auth_params[:password])
+      session[:user] = recruiter.to_i
+      redirect_to recruiter_path
+    else
+      redirect_to recruiter_login_path, flash: { error: "Sorry, incorrect email or password." }
+    end
+  end
+
+  def logout
+    reset_session
+    redirect_to recruiter_login_path
+  end
+
+  private
+
+    def candidate_params
+      params.require(:candidate).permit(:name, :email, :experience, :quiz_id)
+    end
+end

app/models/candidate.rb

@@ -26,6 +26,11 @@ class Candidate < ApplicationRecord
     CandidateQuiz.new(id).build_my_quiz
   end
 
+  def status
+    # TODO: quiz status: not started, started, completed
+    "--"
+  end
+
   private
 
     def generate_test_hash

app/views/recruiter/create.html.erb

@@ -0,0 +1,2 @@
+<h1>Recruiter#create</h1>
+<p>Find me in app/views/recruiter/create.html.erb</p>

app/views/recruiter/index.html.erb

@@ -0,0 +1,23 @@
+<main class="summary_tpl">
+  <h1>Candidates</h1>
+
+  <%= link_to "Create New Candidate", new_candidate_path, {class: 'button'} %>
+
+  <table cellspacing="0" cellpadding="0">
+    <tr>
+      <th>Candidate</th>
+      <th>Email</th>
+      <th>Experience</th>
+      <th>Status</th>
+    </tr>
+
+    <% @candidates.each do |candidate| %>
+      <tr>
+        <td><%= candidate.name %></td>
+        <td><%= mail_to(candidate.email) %></td>
+        <td><%= candidate.experience %> years</td>
+        <td><%= candidate.status %></td>
+      </tr>
+    <% end %>
+  </table>
+</main>

app/views/recruiter/login.html.erb

@@ -0,0 +1,21 @@
+<main class="intro_tpl">
+  <h1>Recruiter Login</h1>
+
+  <% if flash[:error].present? %>
+    <div class="error"><%= flash[:error] %></div>
+  <% end %>
+
+  <%= form_for :auth, url: recruiter_login_path do |form| %>
+    <div class="form-group">
+      <%= form.label :email %>
+      <%= form.email_field :email %>
+    </div>
+
+    <div class="form-group">
+      <%= form.label :password %>
+      <%= form.password_field :password %>
+    </div>
+
+    <%= submit_tag "Login" %>
+  <% end %>
+</main>

app/views/recruiter/new.html.erb

@@ -0,0 +1,2 @@
+<h1>Create new candidate</h1>
+