class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception

  def current_recruiter
    user_parms = { id: session[:user], role: %w(admin recruiter) }
    @current_recruiter ||= User.find_by(user_parms) if session[:user]
  end

  def current_reviewer
    user_parms = { id: session[:user], role: %w(admin reviewer) }
    @current_reviewer ||= User.find_by(user_parms) if session[:user]
  end

  def current_candidate
    @current_candidate ||= Candidate.find_by(test_hash: session[:test_id]) if session[:test_id]
  end

  private

    def auth_params
      params.require(:auth).permit(:email, :password)
    end

    def authorize_recruiter
      redirect_to recruiter_login_path unless current_recruiter
    end

    def authorize_reviewer
      redirect_to review_login_path unless current_reviewer
    end

    def authorize_candidate
      redirect_to welcome_path unless current_candidate
    end
end