refactor: remove token logins

Gemfile

@@ -13,7 +13,6 @@ gem "gelf"
 gem "haml"
 gem "hashie"
 gem "highline", require: false
-gem "jwt"
 gem "kaminari"
 gem "klogger-logger"
 gem "mail"

app/controllers/sessions_controller.rb

@@ -4,7 +4,7 @@ class SessionsController < ApplicationController
 
   layout "sub"
 
-  skip_before_action :login_required, only: [:new, :create, :create_with_token, :begin_password_reset, :finish_password_reset, :ip, :raise_error]
+  skip_before_action :login_required, only: [:new, :create, :begin_password_reset, :finish_password_reset, :ip, :raise_error]
 
   def create
     login(User.authenticate(params[:email_address], params[:password]))
@@ -15,18 +15,6 @@ class SessionsController < ApplicationController
     render "new"
   end
 
-  def create_with_token
-    result = JWT.decode(params[:token], Postal.signing_key.to_s, "HS256")[0]
-    if result["timestamp"] > 1.minute.ago.to_f
-      login(User.find(result["user"].to_i))
-      redirect_to root_path
-    else
-      destroy
-    end
-  rescue JWT::VerificationError
-    destroy
-  end
-
   def destroy
     auth_session.invalidate! if logged_in?
     reset_session

config/routes.rb

@@ -81,7 +81,6 @@ Rails.application.routes.draw do
 
   get "login" => "sessions#new"
   post "login" => "sessions#create"
-  get "login/token" => "sessions#create_with_token"
   delete "logout" => "sessions#destroy"
   match "login/reset" => "sessions#begin_password_reset", :via => [:get, :post]
   match "login/reset/:token" => "sessions#finish_password_reset", :via => [:get, :post]