class SessionsController < ApplicationController
  def login
    token_authenticate!
    redirect_to root_path
  end

  private

  def token_authenticate!
    user_token = params.delete(:user_token)
    return if user_token.blank? || !Parameter.load('allow_token_authentication')
    flash.clear
    user = User.find_by(persistence_token: user_token)
    if user.present?
      sign_in(user)
    else
      sign_out
    end
  end
end