# This module is included in your application controller which makes
# several methods available to all controllers and views. Here's a
# common example you might add to your application layout file.
# 
#   <%% if logged_in? %>
#     Welcome <%%= current_<%= user_singular_name %>.login %>! Not you?
#     <%%= link_to "Sign out", signout_path %>
#   <%% else %>
#     <%%= link_to "Sign up", signup_path %> or
#     <%%= link_to "Sign in", signin_path %>.
#   <%% end %>
# 
# You can also restrict unregistered users from accessing a controller using
# a before filter. For example.
# 
#   before_filter :require_<%= user_singular_name %>, :except => [:index, :show]
module Authentication

  private

  def self.included(controller)
    controller.before_filter :require_<%= user_singular_name %>
    controller.filter_parameter_logging :password, :password_confirmation
    controller.helper_method :current_<%= user_session_singular_name %>, :current_<%= user_singular_name %>, :signed_in?
  end

  def current_<%= user_session_singular_name %>
    return @current_<%= user_session_singular_name %> if defined?(@current_<%= user_session_singular_name %>)
    @current_<%= user_session_singular_name %> = <%= user_session_class_name %>.find
  end

  def current_<%= user_singular_name %>
    return @current_<%= user_singular_name %> if defined?(@current_<%= user_singular_name %>)
    @current_<%= user_singular_name %> = current_<%= user_session_singular_name %> && current_<%= user_session_singular_name %>.<%= user_singular_name %>
  end

  def signed_in?
    !!current_<%= user_singular_name %>
  end

  def require_<%= user_singular_name %>
    unless current_<%= user_singular_name %>
      store_location
      set_require_<%= user_singular_name %>_flash
      redirect_to signin_url
      return false
    end
  end

  def require_no_<%= user_singular_name %>
    if current_<%= user_singular_name %>
      store_location
      flash[:warn] = t(:require_no_<%= user_singular_name %>)
      redirect_to <%= user_singular_name %>_url
      return false
    end
  end

  def store_location
    session[:return_to] = request.request_uri
  end

  # Only to be used by UserSessionsController and UsersController
  def redirect_back_or_default(default)
    redirect_to(session[:return_to] || default)
    session[:return_to] = nil
  end

  # Only when there are no other flash messages to be set
  def set_require_<%= user_singular_name %>_flash
    if flash.now.instance_variable_get(:@flash).blank?
      flash[:info] = t(:require_<%= user_singular_name %>)
    else
      flash.keep
    end
  end

end