# frozen_string_literal: true module Api # The controller that handles authentications. class AuthenticationsController < ApplicationController def create @current_user_account = UserAccount.find_by(email: permitted_params[:email]) unless @current_user_account&.authenticate(permitted_params[:password]) render json: { error_message: 'Credenciales incorrectas' }, status: :unauthorized and return end render json: generate_token, status: :ok end def destroy current_user_account.update_attribute(:session_key, nil) render status: :no_content end private def service_params { email: @current_user_account.email, role: @current_user_account.role } end def permitted_params params.require(:credentials).permit(:email, :password) end end end