correctly handle failed login

app/controllers/sessions_controller.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class SessionsController < ApplicationController
+
+  LOGIN_FAILED = "Login failed due to invalid credentials. Are you sure you typed them correctly?"
+
   # GET /users/login
   def new
   end
@@ -14,8 +17,10 @@ class SessionsController < ApplicationController
   # POST /users/login
   def create
     user = User.find_by(email: session_params[:email])
-    if user.&authenticate(session_params[:password])
+    if user&.authenticate(session_params[:password])
       login(user)
+    else
+      redirect_to root_path, notice: LOGIN_FAILED
     end
   end
 

app/views/main/index.html.erb

@@ -1,3 +1,11 @@
+<% unless flash.empty? %>
+  <%= render "shared/error_banner" do %>
+    <% flash.each do |key, value| %>
+      <%= content_tag :div, value, class: "flash #{key} d-inline" %>
+    <% end %>
+  <% end %>
+<% end %>
+
 <div class="background landing-section">
   <div class="d-flex align-items-center" style="height: 100%;">
     <div class="container text-center">