parent
0f95034e8e
commit
c64550785e
15 changed files with 84 additions and 11 deletions
|
@ -1,3 +1,4 @@
|
|||
class ApplicationController < ActionController::Base
|
||||
include Authenticatable
|
||||
include Authorizable
|
||||
end
|
||||
|
|
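--- a/app/controllers/concerns/authorizable.rb
+++ b/app/controllers/concerns/authorizable.rb
@@ -0,0 +1,37 @@
+module Authorizable
+extend ActiveSupport::Concern
+
+included do
+before_action :require_registered_user
+end
+
+class_methods do
+def allow_unregistered_user(**args)
+skip_before_action :require_registered_user, **args
+end
+
+def require_unregistered_user(**args)
+skip_before_action :require_registered_user, **args
+before_action :require_unregistered_user, **args
+end
+end
+
+private
+
+def require_registered_user
+Current.user.registered? || redirect_to_sign_in
+end
+
+def require_unregistered_user
+Current.user.unregistered? || redirect_to_dashboard
+end
+
+def redirect_to_sign_in
+session[:return_url] = request.url
+redirect_to new_session_url, alert: "You must be logged in to continue."
+end
+
+def redirect_to_dashboard
+redirect_to root_url, alert: "You are already logged in."
+end
+end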
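Review bot: `redirect_to_sign_in` stores `request.url` for every rejected request, including non-GET ones, and SessionsController later passes that value to `redirect_to` after sign-in. A POST, PATCH or DELETE URL replayed as a GET will usually hit a missing route or the wrong action, and keeping an absolute URL in the session means the post-login redirect trusts whatever host the original request carried. Storing only a path, and only for GET requests, is tighter: `session[:return_url] = request.fullpath if request.get?`. Separately, `require_registered_user` calls `Current.user.registered?` directly, so it relies on `Current.user` never being nil; Authenticatable is not visible here, so that is worth confirming.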
|
@ -1,4 +1,5 @@
|
|||
class SessionsController < ApplicationController
|
||||
require_unregistered_user only: %i[new create]
|
||||
# GET /sessions/new
|
||||
def new
|
||||
@session = Session.new
|
||||
|
@ -11,9 +12,8 @@ class SessionsController < ApplicationController
|
|||
respond_to do |format|
|
||||
if @session.save
|
||||
session[:current_user_id] = @session.user_id
|
||||
Rails.logger.info("ID: #{@session.user_id}")
|
||||
|
||||
format.html { redirect_to root_url, notice: "Session was successfully created." }
|
||||
format.html { redirect_to redirect_url, notice: "Session was successfully created." }
|
||||
format.json { render :show, status: :created, location: @session }
|
||||
else
|
||||
format.html { render :new, status: :unprocessable_entity, alert: @session.errors }
|
||||
|
@ -27,12 +27,16 @@ class SessionsController < ApplicationController
|
|||
session[:current_user_id] = nil
|
||||
|
||||
respond_to do |format|
|
||||
format.html { redirect_to root_url, notice: "Session was successfully destroyed." }
|
||||
format.html { redirect_to new_session_url, notice: "Session was successfully destroyed." }
|
||||
format.json { head :no_content }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
def redirect_url
|
||||
session.delete(:return_url) || root_url
|
||||
end
|
||||
|
||||
# Only allow a list of trusted parameters through.
|
||||
def session_params
|
||||
params.require(:session).permit(:email, :password)
|
||||
|
|
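Review bot: The `create` hunk writes `session[:current_user_id]` into the existing session without rotating it, so a session established before login keeps its identity afterwards; the Rails security guide recommends `reset_session` at sign-in to rule out session fixation. Resetting would also drop the `:return_url` this commit introduces, so read it first: `return_to = session.delete(:return_url) || root_url`, then `reset_session`, then `session[:current_user_id] = @session.user_id`, and redirect to `return_to`. The same applies to the sign-up path in UsersController#create, and `destroy` would be safer calling `reset_session` than setting the id to nil. The bodies of `create` and `destroy` begin outside the hunks shown.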
|
@ -1,4 +1,6 @@
|
|||
class UsersController < ApplicationController
|
||||
require_unregistered_user only: %i[new create]
|
||||
|
||||
before_action :set_user, only: %i[ show edit update destroy ]
|
||||
|
||||
# GET /users or /users.json
|
||||
|
@ -25,6 +27,9 @@ class UsersController < ApplicationController
|
|||
|
||||
respond_to do |format|
|
||||
if @user.save
|
||||
@session = Session.new(session_params).save
|
||||
session[:current_user_id] = @session.user_id
|
||||
|
||||
format.html { redirect_to user_url(@user), notice: "User was successfully created." }
|
||||
format.json { render :show, status: :created, location: @user }
|
||||
else
|
||||
|
@ -67,4 +72,8 @@ class UsersController < ApplicationController
|
|||
def user_params
|
||||
params.require(:user).permit(:email, :password, :password_confirmation)
|
||||
end
|
||||
|
||||
def session_params
|
||||
user_params.slice(:email, :password)
|
||||
end
|
||||
end
|
||||
|
|
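Review bot: `@session = Session.new(session_params).save` assigns the return value of `save`, not the session object. If `Session#save` follows the ActiveRecord convention and returns a boolean (the class is not visible here), the next line `@session.user_id` raises NoMethodError on every successful sign-up, and a failed save is never checked. Keep the object and test the result, e.g. `@session = Session.new(session_params)` followed by `session[:current_user_id] = @session.user_id if @session.save`, or set the id from `@user.id` directly. `create` begins and ends outside this hunk.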