class RegistrationsController < ApplicationController
  allow_unauthenticated_access only: [:new, :create]
  before_action :ensure_no_users_exist, only: [:new, :create]

  def new
    @user = User.new
  end

  def create
    @user = User.new(user_params)

    if @user.save
      start_new_session_for(@user)
      redirect_to root_path, notice: "Welcome! Your admin account has been created successfully."
    else
      render :new, status: :unprocessable_entity
    end
  end

  private

  def user_params
    params.require(:user).permit(:email_address, :password, :password_confirmation)
  end

  def ensure_no_users_exist
    if User.exists?
      redirect_to new_session_path, alert: "Registration is not allowed. Users already exist."
    end
  end
end