Add session & user management in the backend

app/controllers/application_controller.rb

@@ -1,4 +1,14 @@
 class ApplicationController < ActionController::Base
   # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+
+  def logged_in?
+    if session[:user_id] then true else false end
+  end
+
+  def current_user
+    if logged_in?
+      session[:user_id]
+    end
+  end
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,21 @@
+class SessionsController < ApplicationController
+  def new
+  end
+
+  def create
+    user = User.find_by(email: params[:email])
+
+    if user && user.authenticate(params[:password])
+      session[:user_id] = user.id
+      redirect_to root_path, notice: "Logged in!"
+    else
+      flash.now[:alert] = "Invalid email or password"
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path
+  end
+end

app/controllers/users_controller.rb

@@ -0,0 +1,16 @@
+class UsersController < ApplicationController
+  def new
+  end
+
+  def create
+  end
+
+  def edit
+  end
+
+  def update
+  end
+
+  def destroy
+  end
+end

app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ApplicationRecord
+  has_secure_password
+end

app/views/sessions/destroy.html.erb

@@ -0,0 +1,2 @@
+<h1>Sessions#destroy</h1>
+<p>Find me in app/views/sessions/destroy.html.erb</p>

app/views/sessions/new.html.erb

@@ -0,0 +1,2 @@
+<h1>Sessions#new</h1>
+<p>Find me in app/views/sessions/new.html.erb</p>

app/views/users/edit.html.erb

@@ -0,0 +1,2 @@
+<h1>Users#create</h1>
+<p>Find me in app/views/users/create.html.erb</p>

app/views/users/new.html.erb

@@ -0,0 +1,2 @@
+<h1>Users#new</h1>
+<p>Find me in app/views/users/new.html.erb</p>