class SessionsController < ApplicationController
  skip_before_action :authorize

  def new
  end

  def create
    user = User.find_by(name: params[:name])
    if user&.authenticate(params[:password])
      session[:user_id] = user.id
      redirect_to documents_url
    else
      redirect_to login_url
    end
  end

  def destroy
    session[:user_id] = nil
  end
end