Check authentication on each request (#26)

Reviewed-on: #26
2024-08-16 19:59:29 -04:00 · 2024-08-16 19:59:29 -04:00 · 452be0c49c
commit 452be0c49c
parent 96ca8b7e7c
10 changed files with 59 additions and 10 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -1,2 +1,3 @@
 class ApplicationController < ActionController::Base
+  include Authenticatable
 end
--- a/app/controllers/concerns/authenticatable.rb
+++ b/app/controllers/concerns/authenticatable.rb
@ -0,0 +1,13 @@
+module Authenticatable
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :authenticate_user
+  end
+
+  private
+
+  def authenticate_user
+    Current.user = User.find_by(id: session[:current_user_id]) || GuestUser.new
+  end
+end
--- a/app/models/current.rb
+++ b/app/models/current.rb
@ -0,0 +1,3 @@
+class Current < ActiveSupport::CurrentAttributes
+  attribute :user
+end
--- a/app/models/guest_user.rb
+++ b/app/models/guest_user.rb
@ -0,0 +1,3 @@
+class GuestUser
+  def registered? = false
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,3 +1,5 @@
 class User < ApplicationRecord
  has_secure_password
+
+  def registered? = true
 end
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@ -19,7 +19,11 @@
        <li class="mr-6"><%= link_to "Credit Card Bills", credit_card_bills_path, class: "text-white" %></li>
        <li class="mr-6"><%= link_to "Incomes", incomes_path, class: "text-white" %></li>
        <li class="mr-6"><%= link_to "Members", members_path, class: "text-white" %></li>
-        <li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li>
+        <% if Current.user.registered? %>
+          <li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li>
+        <% else %>
+          <li class="mr-6"><%= link_to "Log in", new_session_path, class: "text-white" %></li>
+        <% end %>
      </ul>
    </nav>

--- a/test/application_system_test_case.rb
+++ b/test/application_system_test_case.rb
@ -4,4 +4,15 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
  driven_by :selenium,
    using: ENV["VISIBLE_SYSTEM_TESTS"].present? ? :chrome : :headless_chrome,
    screen_size: [ 1400, 1400 ]
+
+  def login(email, password = "secret")
+    visit new_session_url
+
+    fill_in "Email", with: email
+    fill_in "Password", with: "secret"
+
+    click_on "Create Session"
+
+    assert_text "Session was successfully created"
+  end
 end
--- a/test/models/guest_user_test.rb
+++ b/test/models/guest_user_test.rb
@ -0,0 +1,11 @@
+require "test_helper"
+
+class GuestUserTest < ActiveSupport::TestCase
+  setup do
+    @user = GuestUser.new
+  end
+
+  def test_registered_false
+    assert_not @user.registered?
+  end
+end
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@ -1,7 +1,11 @@
 require "test_helper"

 class UserTest < ActiveSupport::TestCase
-  # test "the truth" do
-  #   assert true
-  # end
+  setup do
+    @user = users(:one)
+  end
+
+  def test_registered_true
+    assert @user.registered?
+  end
 end
--- a/test/system/sessions_test.rb
+++ b/test/system/sessions_test.rb
@ -6,17 +6,14 @@ class SessionsTest < ApplicationSystemTestCase
  end

  test "should create session" do
-    visit new_session_url
-
-    fill_in "Email", with: @user.email
-    fill_in "Password", with: "secret"
-
-    click_on "Create Session"
+    login(@user.email)

    assert_text "Session was successfully created"
  end

  test "should destroy Session" do
+    login(@user.email)
+
    visit root_url
    click_on "Log out", match: :first