# frozen_string_literal: true class ReviewController < ApplicationController before_action :authorize_reviewer, except: [:login, :auth] def index @candidates = Candidate.where(completed: true).includes(:recruiter) end def view @candidate = Candidate.find_by(test_hash: params[:test_hash]) @quiz = @candidate.my_quiz @status = QuizStatus.new(@candidate) end def login redirect_to review_path unless current_reviewer.nil? end def auth reviewer = User.find_by(email: auth_params[:email], role: %w(admin reviewer)) if reviewer && reviewer.authenticate(auth_params[:password]) session[:user] = reviewer.to_i redirect_to review_path else redirect_to review_login_path, flash: { error: "Sorry, incorrect email or password. Please try again." } end end def logout reset_session redirect_to review_login_path end end