# app/controllers/users/sessions_controller.rb class Users::SessionsController < Devise::SessionsController before_action :configure_sign_in_params, only: [:create] # GET /users/sign_in def new @pin_login = params[:pin].present? super end # POST /users/sign_in def create # PIN login para motoristas if params[:pin_login].present? handle_pin_login else super end end protected def after_sign_in_path_for(resource) case resource.role when 'motorista' motorista_path else dashboard_path end end def after_sign_out_path_for(resource_or_scope) new_user_session_path end def configure_sign_in_params devise_parameter_sanitizer.permit(:sign_in, keys: [:email, :password, :pin]) end private def handle_pin_login pin = params[:user][:pin].to_s.strip user = User.find_by(pin_acesso: pin, role: 'motorista') if user&.active? sign_in(user) AuditoriaLog.registrar(user, 'login_pin', request.remote_ip) redirect_to motorista_path, notice: "Bem-vindo, #{user.nome_display}!" else flash.now[:alert] = 'PIN inválido ou motorista inativo.' @pin_login = true render :new, status: :unprocessable_entity end end end