Sha256: e08a56702e634d88701558affa6c4ced5ef66e701e2d3c453d89ac7ba697eef0

Contents?: true

Size: 1.16 KB

Versions: 1

Compression:

Stored size: 1.16 KB

Contents

# frozen_string_literal: true

module MinimalistAuthentication
  module Controller
    extend ActiveSupport::Concern

    included do
      # Lock down everything by default
      # use skip_before_action to open up specific actions
      before_action :authorization_required

      helper_method :current_user, :logged_in?, :authorized?
    end

    private

    def current_user
      @current_user ||= find_session_user || MinimalistAuthentication.configuration.user_model.guest
    end

    def find_session_user
      MinimalistAuthentication.configuration.user_model.find_enabled(session_user_id)
    end

    def session_user_id
      session[MinimalistAuthentication.configuration.session_key]
    end

    def authorization_required
      authorized? || access_denied
    end

    def authorized?(_action = action_name, _resource = controller_name)
      logged_in?
    end

    def logged_in?
      !current_user.guest?
    end

    def access_denied
      store_location if request.get? && !logged_in?
      redirect_to new_session_path
    end

    def store_location
      session["return_to"] = url_for(request.params.merge(format: :html, only_path: true))
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
minimalist_authentication-3.1.0 lib/minimalist_authentication/controller.rb