# frozen_string_literal: true

module Api
  # The controller that handles authentications.
  class AuthenticationsController < ApplicationController
    def create
      @current_user_account = UserAccount.find_by(email: permitted_params[:email])

      unless @current_user_account&.authenticate(permitted_params[:password])
        render json: { error_message: 'Credenciales incorrectas' }, status: :unauthorized and return
      end

      render json: generate_token, status: :ok
    end

    def destroy
      current_user_account.session_key = nil
      current_user_account.save

      render status: :no_content
    end

    private

    def service_params
      { email: @current_user_account.email,
        role: @current_user_account.role }
    end

    def permitted_params
      params.require(:credentials).permit(:email, :password)
    end
  end
end