Refactor Devise integration

- Use scoped users
- Use the named route helpers instead of hardcoded paths

app/controllers/admin/sessions_controller.rb

@@ -1,8 +1,6 @@
 module Admin
   class SessionsController < Devise::SessionsController
-    skip_authorization_check only: :create
-
-    def login
+    def new
       @admin_user = AdminUser.new
     end
 
@@ -10,19 +8,28 @@ module Admin
       if params[:admin_user].blank?
         @admin_user = AdminUser.new
         flash[:alert] = 'Something went wrong'
-        return render 'login'
+        return render :new
       end
 
       @admin_user = AdminUser.find_by(username: params[:admin_user][:username])
       @admin_user ||= AdminUser.new(username: params[:admin_user][:username])
 
       if @admin_user.valid_password?(params[:admin_user][:password])
-        sign_in @admin_user, event: :authentication
-        redirect_to admin_root_url, notice: I18n.t(:welcome)
+        sign_in_and_redirect(:admin_user, @admin_user, event: :authentication)
       else
         flash[:alert] = 'Authorization error'
-        render 'login'
+        render :new
       end
     end
+
+    private
+
+    def after_sign_in_path_for(resource_or_scope)
+      admin_root_path
+    end
+
+    def after_sign_out_path_for(resource_or_scope)
+      new_admin_user_session_path
+    end
   end
-end
+end