I’ve got two controllers: admin and customers, plus one more called sessions for handling login and authentication. I’m trying to use one login form so that when an admin logs in, they are redirected to their part of the site, and if a customer logs in, they are taken to their part.

Edit: changed the params to login by email, but now getting the error No route matches {:action=>”show”, :controller=>”customers”} when I try to log in as a customer :S!!

Code:

class SessionsController < ApplicationController

 def new
 end

 def create
   user = User.find_by_email(params[:email])
   customer = Customer.find_by_email(params[:email])

   if user and user.authenticate(params[:password])
     session[:user_id] = user.id
     redirect_to admin_url

   elsif customer and customer.authenticate(params[:password])
     session[:customer_id] = customer.id
     redirect to customer_url  

   else
     redirect_to login_url, alert: "Invalid user/password combination"
 end


end

 def destroy
   session[:user_id] = nil
   session[:customer_id] = nil
   redirect_to store_url, notice: "Logged out"
 end
end

Code for the login page (stored in app/sessions/new.html.erb):

<div class="depot_form">
<% if flash[:alert] %>
    <p id="notice"><%= flash[:alert] %></p>
<% end %>

<%= form_tag do %>
<fieldset>
    <legend>Please Log In</legend>

    <div>
        <%= label_tag :email, 'Email:' %>
        <%= text_field_tag :email, params[:email] %>
    </div>

    <div>
        <%= label_tag :password, 'Password:' %>
        <%= password_field_tag :password, params[:password] %>
    </div>

    <div>
        <%= submit_tag "Login" %>
    </div>
</fieldset>
 <% end %>
</div>

Also, if relevant, I’ve got this in the config/routes file:

controller :sessions do
   get  'login' => :new
   post 'login' => :create
  delete 'logout' => :destroy
end

Edit: changed the params to login by email, but now getting the error No route matches {:action=>”show”, :controller=>”customers”} when I try to log in as a customer :S!!