32 lines
773 B
Ruby
32 lines
773 B
Ruby
# controllers/application_controller.rb
|
|
class ApplicationController < ActionController::Base
|
|
protect_from_forgery with: :exception
|
|
|
|
helper_method :current_user
|
|
helper_method :current_session
|
|
helper_method :logged_in?
|
|
|
|
include Pundit
|
|
|
|
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
|
|
|
private
|
|
|
|
def current_user
|
|
@current_user ||= User.find(current_session[:user_id]) if current_session
|
|
@current_user ||= GuestUser.new
|
|
end
|
|
|
|
def current_session
|
|
@current_session ||= UserSession.authenticate(cookies[:user_session])
|
|
end
|
|
|
|
def logged_in?
|
|
current_user.registered?
|
|
end
|
|
|
|
def user_not_authorized
|
|
flash[:alert] = 'You are not authorized to perform this action.'
|
|
redirect_to(request.referrer || root_path)
|
|
end
|
|
end
|