From 452be0c49caf3d4d30e103892977a7d043eac2cb Mon Sep 17 00:00:00 2001
From: Andrew Tomaka
Date: Fri, 16 Aug 2024 19:59:29 -0400
Subject: [PATCH] Check authentication on each request (#26)
Reviewed-on: https://git.atomaka.com/atomaka/budget/pulls/26
---
 app/controllers/application_controller.rb | 1 +
 app/controllers/concerns/authenticatable.rb | 13 +++++++++++++
 app/models/current.rb | 3 +++
 app/models/guest_user.rb | 3 +++
 app/models/user.rb | 2 ++
 app/views/layouts/application.html.erb | 6 +++++-
 test/application_system_test_case.rb | 11 +++++++++++
 test/models/guest_user_test.rb | 11 +++++++++++
 test/models/user_test.rb | 10 +++++++---
 test/system/sessions_test.rb | 9 +++------
 10 files changed, 59 insertions(+), 10 deletions(-)
 create mode 100644 app/controllers/concerns/authenticatable.rb
 create mode 100644 app/models/current.rb
 create mode 100644 app/models/guest_user.rb
 create mode 100644 test/models/guest_user_test.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 09705d1..1374ee0 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::Base
+ include Authenticatable
 end
diff --git a/app/controllers/concerns/authenticatable.rb b/app/controllers/concerns/authenticatable.rb
new file mode 100644
index 0000000..492f5ce
--- /dev/null
+++ b/app/controllers/concerns/authenticatable.rb
@@ -0,0 +1,13 @@
+module Authenticatable
+ extend ActiveSupport::Concern
+
+ included do
+ before_action :authenticate_user
+ end
+
+ private
+
+ def authenticate_user
+ Current.user = User.find_by(id: session[:current_user_id]) || GuestUser.new
+ end
+end
diff --git a/app/models/current.rb b/app/models/current.rb
new file mode 100644
index 0000000..73a9744
--- /dev/null
+++ b/app/models/current.rb
@@ -0,0 +1,3 @@
+class Current < ActiveSupport::CurrentAttributes
+ attribute :user
+end
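Review bot: `authenticate_user` in app/controllers/concerns/authenticatable.rb only assigns `Current.user` and falls back to `GuestUser.new`; nothing in this patch halts or redirects a request that arrives without a valid session, so every action stays reachable by guests unless each controller adds its own check. The layout hunk likewise only switches the Log in/Log out link and still renders the Credit Card Bills, Incomes and Members links for guests. If those pages are meant to be private, add an enforcing callback next to this one, for example `before_action :require_registered_user` with a body of `redirect_to new_session_path unless Current.user.registered?`, and let the controller that serves the login form opt out with `skip_before_action`. A one-line comment above `authenticate_user` such as `# Identifies the caller only; does not deny access.` would also keep the name from being read as an access check.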
diff --git a/app/models/guest_user.rb b/app/models/guest_user.rb
new file mode 100644
index 0000000..9f6dbd1
--- /dev/null
+++ b/app/models/guest_user.rb
@@ -0,0 +1,3 @@
+class GuestUser
+ def registered? = false
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index d67da20..1d74647 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,3 +1,5 @@
 class User < ApplicationRecord
 has_secure_password
+
+ def registered? = true
 end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index fbc9c63..a4b84df 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -19,7 +19,11 @@
  • <%= link_to "Credit Card Bills", credit_card_bills_path, class: "text-white" %>
  • <%= link_to "Incomes", incomes_path, class: "text-white" %>
  • <%= link_to "Members", members_path, class: "text-white" %>
  • -
  • <%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %>
  • + <% if Current.user.registered? %> +
  • <%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %>
  • + <% else %> +
  • <%= link_to "Log in", new_session_path, class: "text-white" %>
  • + <% end %>
diff --git a/test/application_system_test_case.rb b/test/application_system_test_case.rb
index e2db3a5..e3e8707 100644
--- a/test/application_system_test_case.rb
+++ b/test/application_system_test_case.rb
@@ -4,4 +4,15 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
 driven_by :selenium, using: ENV["VISIBLE_SYSTEM_TESTS"].present? ? :chrome : :headless_chrome, screen_size: [ 1400, 1400 ]
+
+ def login(email, password = "secret")
+ visit new_session_url
+
+ fill_in "Email", with: email
+ fill_in "Password", with: "secret"
+
+ click_on "Create Session"
+
+ assert_text "Session was successfully created"
+ end
 end
diff --git a/test/models/guest_user_test.rb b/test/models/guest_user_test.rb
new file mode 100644
index 0000000..3977273
--- /dev/null
+++ b/test/models/guest_user_test.rb
@@ -0,0 +1,11 @@
+require "test_helper"
+
+class GuestUserTest < ActiveSupport::TestCase
+ setup do
+ @user = GuestUser.new
+ end
+
+ def test_registered_false
+ assert_not @user.registered?
+ end
+end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index 5c07f49..5f29df7 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -1,7 +1,11 @@
 require "test_helper"
 class UserTest < ActiveSupport::TestCase
- # test "the truth" do
- # assert true
- # end
+ setup do
+ @user = users(:one)
+ end
+
+ def test_registered_true
+ assert @user.registered?
+ end
 end
diff --git a/test/system/sessions_test.rb b/test/system/sessions_test.rb
index 7715288..958d1a5 100644
--- a/test/system/sessions_test.rb
+++ b/test/system/sessions_test.rb
@@ -6,17 +6,14 @@ class SessionsTest < ApplicationSystemTestCase
 end
 test "should create session" do
- visit new_session_url
-
- fill_in "Email", with: @user.email
- fill_in "Password", with: "secret"
-
- click_on "Create Session"
+ login(@user.email)
 assert_text "Session was successfully created"
 end
 test "should destroy Session" do
+ login(@user.email)
+
 visit root_url
 click_on "Log out", match: :first
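Review bot: The new `login` helper in test/application_system_test_case.rb accepts a `password` argument but never uses it, because the field is filled with a literal: `fill_in "Password", with: "secret"`. A test that passes a wrong password to exercise a rejected login would silently submit the correct one and pass for the wrong reason, so the line should read `fill_in "Password", with: password`. The helper also asserts the success message itself, which makes the `assert_text` kept in "should create session" in test/system/sessions_test.rb redundant and prevents the helper from being reused for a negative login test.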