class UsersController < ApplicationController

  def index
    @user = User.new
  end

  def create

    username = user_params[:username]
    password = user_params[:password]

    user = User.where(:username => username)
    if (user.size > 0)
      user = User.where(:username => username, :password => password)
      if (user.size > 0)
        session[:user_id] = user.first.id
        redirect_to kidungs_path
        return
      end
    end
    redirect_to root_url
  end

  def destroy
    session.delete(:user_id)
    redirect_to root_url
  end

  private
  def user_params
    params.require(:user).permit(:username, :password)
  end

end