class UsersController < ApplicationController

  def login
  end

  def verify
    hash_pass = Digest::SHA1.hexdigest(params[:user][:hashed_password])[0..39]
    user = User.find(:first,:conditions => 
                      ["username = ? and hashed_password = ?", 
                       params[:user][:username], hash_pass ])
    if user
      session['user'] = user
      redirect_to session['initial_uri']
    else    
      flash['notice'] = "Bad username/password!" 
      redirect_to :controller => "users", :action => "login" 
    end     
  end

  def logout
    reset_session
    # Redirect users to Books#admin, which in turn sends them to 
    # Users#login, with a refering url of Books#admin:
    redirect_to :controller => "books", :action => "admin" 
  end
end