class RecruiterController < ApplicationController
  before_action :authorize_recruiter, except: [:login, :auth]

  def index
    @candidates = current_recruiter.candidates
  end

  def new
    @candidate = Candidate.new
  end

  def create
  end

  def login
    redirect_to recruiter_path unless current_recruiter.nil?
  end

  def auth
    recruiter = User.find_by(email: auth_params[:email])

    if recruiter && recruiter.authenticate(auth_params[:password])
      session[:user] = recruiter.to_i
      redirect_to recruiter_path
    else
      redirect_to recruiter_login_path, flash: { error: "Sorry, incorrect email or password." }
    end
  end

  def logout
    reset_session
    redirect_to recruiter_login_path
  end

  private

    def candidate_params
      params.require(:candidate).permit(:name, :email, :experience, :quiz_id)
    end
end