class RecruiterController < ApplicationController before_action :authorize_recruiter, except: [:login, :auth] def index @candidates = current_recruiter.candidates end def new @candidate = Candidate.new render :form end def create @candidate = Candidate.create(candidate_params.merge(recruiter_id: current_recruiter.id)) if @candidate.persisted? CandidateMailer.welcome(@candidate).deliver_now RecruiterMailer.candidate_created(@candidate).deliver_now redirect_to recruiter_path, flash: { notice: "Sucessfully created candidate #{@candidate.name}" } else flash[:error] = "Failed to save Candidate." render :form end end def login redirect_to recruiter_path unless current_recruiter.nil? end def auth recruiter = User.find_by(email: auth_params[:email], role: %w(admin recruiter)) if recruiter && recruiter.authenticate(auth_params[:password]) session[:user] = recruiter.to_i redirect_to recruiter_path else redirect_to recruiter_login_path, flash: { error: "Sorry, incorrect email or password." } end end def logout reset_session redirect_to recruiter_login_path end private def candidate_params params.require(:candidate).permit(:name, :email, :experience, :quiz_id) end end