Check authentication on each request #26

Merged
atomaka merged 5 commits from guest-user into main 2024-08-16 19:59:30 -04:00
10 changed files with 59 additions and 10 deletions

View file

@ -1,2 +1,3 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
include Authenticatable
end end

View file

@ -0,0 +1,13 @@
module Authenticatable
extend ActiveSupport::Concern
included do
before_action :authenticate_user
end
private
def authenticate_user
Current.user = User.find_by(id: session[:current_user_id]) || GuestUser.new
end
end

3
app/models/current.rb Normal file
View file

@ -0,0 +1,3 @@
class Current < ActiveSupport::CurrentAttributes
attribute :user
end

3
app/models/guest_user.rb Normal file
View file

@ -0,0 +1,3 @@
class GuestUser
def registered? = false
end

View file

@ -1,3 +1,5 @@
class User < ApplicationRecord class User < ApplicationRecord
has_secure_password has_secure_password
def registered? = true
end end

View file

@ -19,7 +19,11 @@
<li class="mr-6"><%= link_to "Credit Card Bills", credit_card_bills_path, class: "text-white" %></li> <li class="mr-6"><%= link_to "Credit Card Bills", credit_card_bills_path, class: "text-white" %></li>
<li class="mr-6"><%= link_to "Incomes", incomes_path, class: "text-white" %></li> <li class="mr-6"><%= link_to "Incomes", incomes_path, class: "text-white" %></li>
<li class="mr-6"><%= link_to "Members", members_path, class: "text-white" %></li> <li class="mr-6"><%= link_to "Members", members_path, class: "text-white" %></li>
<% if Current.user.registered? %>
<li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li> <li class="mr-6"><%= link_to "Log out", session_path, data: {turbo_method: :delete}, class: "text-white" %></li>
<% else %>
<li class="mr-6"><%= link_to "Log in", new_session_path, class: "text-white" %></li>
<% end %>
</ul> </ul>
</nav> </nav>

View file

@ -4,4 +4,15 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
driven_by :selenium, driven_by :selenium,
using: ENV["VISIBLE_SYSTEM_TESTS"].present? ? :chrome : :headless_chrome, using: ENV["VISIBLE_SYSTEM_TESTS"].present? ? :chrome : :headless_chrome,
screen_size: [ 1400, 1400 ] screen_size: [ 1400, 1400 ]
def login(email, password = "secret")
visit new_session_url
fill_in "Email", with: email
fill_in "Password", with: "secret"
click_on "Create Session"
assert_text "Session was successfully created"
end
end end

View file

@ -0,0 +1,11 @@
require "test_helper"
class GuestUserTest < ActiveSupport::TestCase
setup do
@user = GuestUser.new
end
def test_registered_false
assert_not @user.registered?
end
end

View file

@ -1,7 +1,11 @@
require "test_helper" require "test_helper"
class UserTest < ActiveSupport::TestCase class UserTest < ActiveSupport::TestCase
# test "the truth" do setup do
# assert true @user = users(:one)
# end end
def test_registered_true
assert @user.registered?
end
end end

View file

@ -6,17 +6,14 @@ class SessionsTest < ApplicationSystemTestCase
end end
test "should create session" do test "should create session" do
visit new_session_url login(@user.email)
fill_in "Email", with: @user.email
fill_in "Password", with: "secret"
click_on "Create Session"
assert_text "Session was successfully created" assert_text "Session was successfully created"
end end
test "should destroy Session" do test "should destroy Session" do
login(@user.email)
visit root_url visit root_url
click_on "Log out", match: :first click_on "Log out", match: :first