luckybooru/src/operations/sign_in_user.cr

class SignInUser < Avram::Operation
  param_key :user

  include UserFromName

  attribute name : String
  attribute password : String

  # Run validations and yields the operation and the user if valid
  def submit
    user = user_from_name
    validate_credentials(user)

    if valid?
      yield self, user
    else
      yield self, nil
    end
  end

  private def validate_credentials(user)
    # TODO: If banned, disallow login

    if user
      unless Authentic.correct_password?(user, password.value.to_s)
        password.add_error "is wrong"
      end
    else
      name.add_error "is not in our system"
    end
  end
end