# frozen_string_literal: true

class UsersController < ApplicationController
  def index
    @users = User.all.order(created_at: :desc)
    @user = User.new
  end

  def create
    user = User.create(password: SecureRandom.hex, created_by: current_user, **user_params)

    user.send_reset_password_instructions if user.persisted?

    redirect_to users_path
  end

  def destroy
    user = User.find(params[:id])
    user.destroy

    sign_out(current_user) if user == current_user

    redirect_to users_path
  end

  private

  def user_params
    @user_params ||= params.require(:user).permit(:email)
  end
end