module Admin
  class AuthController < AdminController
    skip_before_action :authorize_admin

    def login
    end

    def auth
      admin = User.find_by(email: auth_params[:email], role: 'admin')

      if admin && admin.authenticate(auth_params[:password])
        session[:user] = admin.to_i
        redirect_to admin_path
      else
        redirect_to admin_login_path,
                    flash: { error: "Sorry, incorrect email or password. Please try again." }
      end
    end

    def logout
      reset_session
      redirect_to admin_login_path
    end
  end
end