Use DB for auth sessions (#1233)

* DB sessions

* Validations for profile image

app/controllers/sessions_controller.rb

@@ -1,4 +1,5 @@
 class SessionsController < ApplicationController
+  before_action :set_session, only: :destroy
   skip_authentication only: %i[new create]
 
   layout "auth"
@@ -8,7 +9,7 @@ class SessionsController < ApplicationController
 
   def create
     if user = User.authenticate_by(email: params[:email], password: params[:password])
-      login user
+      @session = create_session_for(user)
       redirect_to root_path
     else
       flash.now[:alert] = t(".invalid_credentials")
@@ -17,7 +18,12 @@ class SessionsController < ApplicationController
   end
 
   def destroy
-    logout
+    @session.destroy
     redirect_to root_path, notice: t(".logout_successful")
   end
+
+  private
+    def set_session
+      @session = Current.user.sessions.find(params[:id])
+    end
 end