defmodule ServerWeb.AuthController do
  use ServerWeb, :controller

  def login(conn, _params) do
    render(conn, :login, error: nil, layout: false)
  end

  def create(conn, %{"password" => password}) do
    case Server.Auth.verify_password(password) do
      :ok ->
        conn
        |> configure_session(renew: true)
        |> put_session(:authenticated, true)
        |> redirect(to: "/")

      :error ->
        conn
        |> put_status(:unauthorized)
        |> render(:login, error: "Incorrect password.", layout: false)
    end
  end

  def delete(conn, _params) do
    conn
    |> configure_session(drop: true)
    |> redirect(to: "/login")
  end
end