Require authentication for most actions
Some checks failed
Ruby CI / test (pull_request) Failing after 40s

This commit is contained in:
Andrew Tomaka 2024-09-08 20:53:07 -04:00
parent d0b4d000eb
commit 108959f2b0
Signed by: atomaka
GPG key ID: 61209BF70A5B18BE
14 changed files with 73 additions and 5 deletions

View file

@ -1,3 +1,4 @@
class ApplicationController < ActionController::Base
include Authenticatable
include Authorizable
end

View file

@ -0,0 +1,37 @@
module Authorizable
extend ActiveSupport::Concern
included do
before_action :require_registered_user
end
class_methods do
def allow_unregistered_user(**args)
skip_before_action :require_registered_user, **args
end
def require_unregistered_user(**args)
skip_before_action :require_registered_user, **args
before_action :require_unregistered_user, **args
end
end
private
def require_registered_user
Current.user.registered? || redirect_to_sign_in
end
def require_unregistered_user
Current.user.unregistered? || redirect_to_dashboard
end
def redirect_to_sign_in
session[:return_url] = request.url
redirect_to new_session_url, alert: "You must be logged in to continue."
end
def redirect_to_dashboard
redirect_to root_url, alert: "You are already logged in."
end
end

View file

@ -1,4 +1,5 @@
class SessionsController < ApplicationController
require_unregistered_user only: %i[new create]
# GET /sessions/new
def new
@session = Session.new
@ -11,7 +12,6 @@ class SessionsController < ApplicationController
respond_to do |format|
if @session.save
session[:current_user_id] = @session.user_id
Rails.logger.info("ID: #{@session.user_id}")
format.html { redirect_to root_url, notice: "Session was successfully created." }
format.json { render :show, status: :created, location: @session }
@ -27,7 +27,7 @@ class SessionsController < ApplicationController
session[:current_user_id] = nil
respond_to do |format|
format.html { redirect_to root_url, notice: "Session was successfully destroyed." }
format.html { redirect_to new_session_url, notice: "Session was successfully destroyed." }
format.json { head :no_content }
end
end

View file

@ -1,4 +1,6 @@
class UsersController < ApplicationController
require_unregistered_user only: %i[new create]
before_action :set_user, only: %i[ show edit update destroy ]
# GET /users or /users.json
@ -25,6 +27,9 @@ class UsersController < ApplicationController
respond_to do |format|
if @user.save
@session = Session.new(session_params).save
session[:current_user_id] = @session.user_id
format.html { redirect_to user_url(@user), notice: "User was successfully created." }
format.json { render :show, status: :created, location: @user }
else
@ -67,4 +72,8 @@ class UsersController < ApplicationController
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
def session_params
user_params.slice(:email, :password)
end
end