class Api::AuthController < ApplicationController
	skip_before_filter  :verify_authenticity_token
	def login
		username = params[:username]
    access = params[:access_code]
   		 
   		user = Member.find_by_email(username)
		if user && user.valid_password?(access)
		 	user.session_token = SecureRandom.hex 		 	 
      		if user.save
      			@out=true,user.session_token
      		else
      			@out=false,"Error occurs in login process."
      		end
      	else
      	    @out=false,"Sorry!Unauthorized user!" 
		end
	end
	def logout
      login_token = params[:session_token]
      @user = Member.find_by_session_token(login_token)
      if !@user.nil? 
          @user.session_token = nil
          if @user.save            
            return @user
          end  
      end
  end
end