Flashing, start basic login code, stub password reset.

app/controllers/admin_controller.rb

@@ -8,6 +8,7 @@ class AdminController < ApplicationController
         AdminSetting.set(key, value)
       end
     end
+    flash.now[:notice] = 'Admin settings updated.'
     render 'index'
   end
 end

app/controllers/users_controller.rb

@@ -9,8 +9,20 @@ class UsersController < ApplicationController
 
   def login
     if request.post?
-      # do user login logic
-      redirect_to root_url
+      if params[:username].nil? || params[:username].empty? ||
+         params[:password].nil? || params[:password].empty?
+        flash.now[:alert] = 'Both a character name and password are required.'
+        render 'login' and return
+      end
+      user = User.find_by(name: params[:username])
+      if user.nil? || !user.authenticate(params[:password])
+        flash.now[:alert] = 'Incorrect character name or password.'
+        render 'login' and return
+      end
+
+      flash.now[:alert] = 'Login successful.'
+      render 'login' and return
+      # redirect_to root_url
     end
   end
 
@@ -20,4 +32,10 @@ class UsersController < ApplicationController
       redirect_to root_url
     end
   end
+
+  def reset
+    if request.post?
+      # do user reset logic
+    end
+  end
 end

app/views/shared/_header.html.erb

@@ -6,10 +6,13 @@
     </span>
   <% end %>
   <span id="user-links">
-    <%= link_to "Signup", controller: "users", action: "signup" %>
+    <%= link_to 'Signup', controller: 'users', action: 'signup' %>
     &bull;
-    <%= link_to "Login", controller: "users", action: "login" %>
+    <%= link_to 'Login', controller: 'users', action: 'login' %>
     &bull;
-    <%= link_to "Admin", controller: "admin", action: "index" %>
+    <%= link_to 'Admin', controller: 'admin', action: 'index' %>
   </span>
 </header>
+<% flash.each do |name, msg| %>
+  <div class="flash">FLASH: <%= name %>: <%= msg %></div>
+<% end %>

app/views/users/login.html.erb

@@ -5,7 +5,17 @@
 <%= form_tag do %>
   <table>
     <tr>
+      <td><%= label_tag('username', 'Character name') %></td>
+      <td><%= text_field_tag('username') %></td>
+    </tr>
+    <tr>
+      <td><%= label_tag('password', 'Password') %></td>
+      <td><%= password_field_tag('password') %></td>
+    </tr>
+    <tr>
       <td colspan="2"><%= submit_tag('Login') %></td>
     </tr>
   </table>
 <% end %>
+
+<p><%= link_to "Forgot your password?", controller: 'users', action: 'reset' %></p>

app/views/users/reset.html.erb

@@ -0,0 +1,15 @@
+<% provide(:title, 'Reset Password') %>
+
+<h1>Reset Password</h1>
+
+<%= form_tag do %>
+  <table>
+    <tr>
+      <td><%= label_tag('email', 'Email address') %></td>
+      <td><%= email_field_tag('email') %></td>
+    </tr>
+    <tr>
+      <td colspan="2"><%= submit_tag('Send password reset email') %></td>
+    </tr>
+  </table>
+<% end %>

config/routes.rb

@@ -7,6 +7,8 @@ Rails.application.routes.draw do
   post '/login'  => 'users#login'
   get  '/logout' => 'users#logout'
   post '/logout' => 'users#logout'
+  get  '/reset'  => 'users#reset'
+  post '/reset'  => 'users#reset'
 
   get  '/admin'  => 'admin#index'
   post '/admin'  => 'admin#update'