somaria/gist:543c7da1a6f4f544d17a10eea1d93301

## gistfile1.txt
class AuthController < ApplicationController

  before_action :prevent_page_cache
  skip_before_action :verify_authenticity_token

  def student
    reset_session
  end

  def student_callback
    session_code = params[:session_code].upcase
    index_number = params[:clazz_index_no]

    form = Form.find(Form.from_param(session_code))
    clazz_student = form.clazz.clazz_students.find {|s| s.index_number.to_s == index_number}
    raise 'student not found' if clazz_student.nil?

    student = clazz_student.student

    session[:login] = { type: :student, student_id: student.id, form_id: form.id }
    logger.info {{ message: "Login successful", student_id: student.id, school_code: form.clazz.school.code }}

    redirect_to student_form_path(form)
  rescue
    logger.info {{ message: "Student login failed", session_code: session_code, index_number: index_number }}
    redirect_to auth_student_path, notice: 'Session code or class index number is invalid. Please check.'
  end

  def staff
  end

  def staff_callback

    email = params[:email]
    unique_code = params[:unique_code]

    staff = Staff.find_by(email: email)
    raise 'password does not match' if staff.authenticate(unique_code) == false

    session[:login] = { type: :staff, staff_id: staff.id }

    puts "staff callback 47923"
    puts session[:login]
    puts "staff callback end 8043"

    logger.info {{ message: "Login successful", staff_id: staff.id, school_code: staff.clazzes.first&.school&.code }}

    redirect_to staff_forms_path
  rescue
    logger.info {{ message: "Staff login failed", email: email, unique_code: unique_code }}
    redirect_to auth_staff_path, notice: 'Email or unique code is invalid. Please check.'
  end

  def student_logout
    reset_session
    redirect_to root_path
  end

  def staff_logout
    reset_session
    redirect_to staff_path
  end
end
	class AuthController < ApplicationController

	before_action :prevent_page_cache
	skip_before_action :verify_authenticity_token

	def student
	reset_session
	end

	def student_callback
	session_code = params[:session_code].upcase
	index_number = params[:clazz_index_no]

	form = Form.find(Form.from_param(session_code))
	clazz_student = form.clazz.clazz_students.find {\|s\| s.index_number.to_s == index_number}
	raise 'student not found' if clazz_student.nil?

	student = clazz_student.student

	session[:login] = { type: :student, student_id: student.id, form_id: form.id }
	logger.info {{ message: "Login successful", student_id: student.id, school_code: form.clazz.school.code }}

	redirect_to student_form_path(form)
	rescue
	logger.info {{ message: "Student login failed", session_code: session_code, index_number: index_number }}
	redirect_to auth_student_path, notice: 'Session code or class index number is invalid. Please check.'
	end

	def staff
	end

	def staff_callback

	email = params[:email]
	unique_code = params[:unique_code]

	staff = Staff.find_by(email: email)
	raise 'password does not match' if staff.authenticate(unique_code) == false

	session[:login] = { type: :staff, staff_id: staff.id }

	puts "staff callback 47923"
	puts session[:login]
	puts "staff callback end 8043"

	logger.info {{ message: "Login successful", staff_id: staff.id, school_code: staff.clazzes.first&.school&.code }}

	redirect_to staff_forms_path
	rescue
	logger.info {{ message: "Staff login failed", email: email, unique_code: unique_code }}
	redirect_to auth_staff_path, notice: 'Email or unique code is invalid. Please check.'
	end

	def student_logout
	reset_session
	redirect_to root_path
	end

	def staff_logout
	reset_session
	redirect_to staff_path
	end
	end