From 452be0c49caf3d4d30e103892977a7d043eac2cb Mon Sep 17 00:00:00 2001
From: Andrew Tomaka <atomaka@atomaka.com>
Date: Fri, 16 Aug 2024 19:59:29 -0400
Subject: [PATCH] Check authentication on each request (#26)

Reviewed-on: https://git.atomaka.com/atomaka/budget/pulls/26
---
 app/controllers/application_controller.rb   |  1 +
 app/controllers/concerns/authenticatable.rb | 13 +++++++++++++
 app/models/current.rb                       |  3 +++
 app/models/guest_user.rb                    |  3 +++
 app/models/user.rb                          |  2 ++
 app/views/layouts/application.html.erb      |  6 +++++-
 test/application_system_test_case.rb        | 11 +++++++++++
 test/models/guest_user_test.rb              | 11 +++++++++++
 test/models/user_test.rb                    | 10 +++++++---
 test/system/sessions_test.rb                |  9 +++------
 10 files changed, 59 insertions(+), 10 deletions(-)
 create mode 100644 app/controllers/concerns/authenticatable.rb
 create mode 100644 app/models/current.rb
 create mode 100644 app/models/guest_user.rb
 create mode 100644 test/models/guest_user_test.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 09705d1..1374ee0 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::Base
+  include Authenticatable
 end
diff --git a/app/controllers/concerns/authenticatable.rb b/app/controllers/concerns/authenticatable.rb
new file mode 100644
index 0000000..492f5ce
--- /dev/null
+++ b/app/controllers/concerns/authenticatable.rb
@@ -0,0 +1,13 @@
+module Authenticatable
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :authenticate_user
+  end
+
+  private
+
+  def authenticate_user
+    Current.user = User.find_by(id: session[:current_user_id]) || GuestUser.new
+  end
+end
diff --git a/app/models/current.rb b/app/models/current.rb
new file mode 100644
index 0000000..73a9744
--- /dev/null
+++ b/app/models/current.rb
@@ -0,0 +1,3 @@
+class Current < ActiveSupport::CurrentAttributes
+  attribute :user
+end
diff --git a/app/models/guest_user.rb b/app/models/guest_user.rb
new file mode 100644
index 0000000..9f6dbd1
--- /dev/null
+++ b/app/models/guest_user.rb
@@ -0,0 +1,3 @@
+class GuestUser
+  def registered? = false
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index d67da20..1d74647 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,3 +1,5 @@
 class User < ApplicationRecord
   has_secure_password
+
+  def registered? = true
 end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index fbc9c63..a4b84df 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -19,7 +19,11 @@
         <li class="mr-6"><%= link_to "Credit Card Bills", credit_card_bills_path, class: "text-white" %></li>
         <li class="mr-6"><%= link_to "Incomes", incomes_path, class: "text-white" %></li>
         <li class="mr-6"><%= link_to "Members", members_path, class: "text-white" %></li>
-        <li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li>
+        <% if Current.user.registered? %>
+          <li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li>
+        <% else %>
+          <li class="mr-6"><%= link_to "Log in", new_session_path, class: "text-white" %></li>
+        <% end %>
       </ul>
     </nav>
 
diff --git a/test/application_system_test_case.rb b/test/application_system_test_case.rb
index e2db3a5..e3e8707 100644
--- a/test/application_system_test_case.rb
+++ b/test/application_system_test_case.rb
@@ -4,4 +4,15 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
   driven_by :selenium,
     using: ENV["VISIBLE_SYSTEM_TESTS"].present? ? :chrome : :headless_chrome,
     screen_size: [ 1400, 1400 ]
+
+  def login(email, password = "secret")
+    visit new_session_url
+
+    fill_in "Email", with: email
+    fill_in "Password", with: "secret"
+
+    click_on "Create Session"
+
+    assert_text "Session was successfully created"
+  end
 end
diff --git a/test/models/guest_user_test.rb b/test/models/guest_user_test.rb
new file mode 100644
index 0000000..3977273
--- /dev/null
+++ b/test/models/guest_user_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class GuestUserTest < ActiveSupport::TestCase
+  setup do
+    @user = GuestUser.new
+  end
+
+  def test_registered_false
+    assert_not @user.registered?
+  end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index 5c07f49..5f29df7 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -1,7 +1,11 @@
 require "test_helper"
 
 class UserTest < ActiveSupport::TestCase
-  # test "the truth" do
-  #   assert true
-  # end
+  setup do
+    @user = users(:one)
+  end
+
+  def test_registered_true
+    assert @user.registered?
+  end
 end
diff --git a/test/system/sessions_test.rb b/test/system/sessions_test.rb
index 7715288..958d1a5 100644
--- a/test/system/sessions_test.rb
+++ b/test/system/sessions_test.rb
@@ -6,17 +6,14 @@ class SessionsTest < ApplicationSystemTestCase
   end
 
   test "should create session" do
-    visit new_session_url
-
-    fill_in "Email", with: @user.email
-    fill_in "Password", with: "secret"
-
-    click_on "Create Session"
+    login(@user.email)
 
     assert_text "Session was successfully created"
   end
 
   test "should destroy Session" do
+    login(@user.email)
+
     visit root_url
     click_on "Log out", match: :first