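# JSON endpoints that sign an employee in (create) and out (destroy).
#
# Every branch renders with the default HTTP status; success or failure is
# reported only through the boolean `status` field of the JSON body, so
# clients must inspect that field.
class Api::AuthenticateController < Api::ApiController
  # These actions are how a client obtains or gives up a session token, so
  # the :authenticate filter (presumably declared in Api::ApiController) is
  # skipped for this controller.
  skip_before_action :authenticate

  # Signs an employee in.
  #
  # Reads :emp_id and :password through the strong-parameters filter, so a
  # nested Hash or Array sent in place of either value is dropped and handled
  # as a missing parameter instead of reaching Employee.login.
  #
  # Renders the session token, name and role when Employee.login returns an
  # employee whose role is "waiter"; otherwise renders a failure message.
  def create
    credentials = authenticate_params
    emp_id = credentials[:emp_id]
    password = credentials[:password]
    return render_failure("Input Parameters missing.") unless emp_id && password

    # NOTE(review): Employee.login runs before the role check. If it issues a
    # session token as a side effect, a valid non-waiter login would leave a
    # token behind that is never returned; confirm against Employee.login.
    @employee = Employee.login(emp_id, password)

    # Failed credentials and a non-waiter role share one message, so the
    # response does not reveal which of the two checks failed.
    return render_failure("Bad Emp_ID or Password.") unless @employee && @employee.role == "waiter"

    render json: JSON.generate({
      status: true,
      session_token: @employee.token_session,
      name: @employee.name,
      role: @employee.role
    })
  end

  # Signs an employee out.
  #
  # Passes :session_token (nil when absent or not a scalar) to
  # Employee.logout and reports whether it returned a truthy value.
  def destroy
    if Employee.logout(authenticate_params[:session_token])
      render json: JSON.generate({ status: true })
    else
      render_failure("Session Token Invalid or Missing")
    end
  end

  private

  # Strong-parameters filter for both actions. Kept private so it is not
  # exposed as a controller action.
  #
  # NOTE(review): if the application sets action_on_unpermitted_parameters to
  # :raise, a request carrying extra keys will raise here; confirm the
  # configuration before relying on this filter.
  def authenticate_params
    params.permit(:emp_id, :password, :session_token)
  end

  # Renders the failure envelope shared by both actions:
  # {"status": false, "error_message": message}.
  def render_failure(message)
    render json: JSON.generate({ status: false, error_message: message })
  end
end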