# -*- encoding : utf-8 -*-
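class Student::AuthsController < ApplicationController
  layout "connexion"

  # Renders the student sign-in form.
  def new
    @student = true
  end

  # Verifies the submitted email/password pair and, on success, stores the
  # user's auth token in the :student_auth_token cookie before redirecting to
  # the student root. A user whose `lock` flag is set gets the "not yet
  # activated" message instead; any other failure gets the generic
  # credentials error. Both failure paths re-render the form.
  #
  # NOTE(review): no attempt throttling or lockout is visible in this
  # controller; confirm it is enforced elsewhere (middleware, proxy, model).
  def create
    @student = true

    # Coerce to String so an array- or hash-shaped parameter cannot change the
    # shape of the finder query or reach `authenticate` as a non-string.
    email = params[:email].to_s
    password = params[:password].to_s

    user = StudentUser.find_by_email(email)
    # Check the password once and reuse the result for both branches below.
    authenticated = user && user.authenticate(password)

    if authenticated && !user.lock
      store_auth_token(user, params[:remember_me])
      redirect_to student_root_path, notice: "Connecté !"
    elsif authenticated
      # Password is correct but the account is flagged by `lock`.
      flash.now[:error] = "Votre compte n'est pas encore activé."
      render "new"
    else
      flash.now[:error] = "Email ou mot de passe incorect"
      render "new"
    end
  end

  # Removes the auth cookie from the browser and redirects to the student root.
  #
  # NOTE(review): this only clears the client-side copy. Nothing here rotates
  # or invalidates `auth_token` server-side, so a token copied earlier would
  # presumably remain usable; consider regenerating it on logout.
  def logout
    cookies.delete(:student_auth_token)
    redirect_to student_root_path, notice: "Déconnecté."
  end

  private

  # Writes the auth token cookie. The token is a bearer credential, so it is
  # marked HttpOnly (not readable from page scripts) and, when the login
  # request itself came over HTTPS, Secure (never sent over plain HTTP).
  # With `remember` set the cookie is made permanent; otherwise it lasts for
  # the browser session.
  def store_auth_token(user, remember)
    cookie = { value: user.auth_token, httponly: true, secure: request.ssl? }

    if remember
      cookies.permanent[:student_auth_token] = cookie
    else
      cookies[:student_auth_token] = cookie
    end
  end
end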