diff options
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/application_controller.rb | 12 | ||||
| -rw-r--r-- | app/controllers/sessions_controller.rb | 2 |
2 files changed, 14 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 84e9c93..38aeade 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,4 +3,16 @@ class ApplicationController < ActionController::Base # For APIs, you may want to use :null_session instead. #protect_from_forgery with: :exception protect_from_forgery with: :null_session + before_action :authorize! + + private + + def authorize! + redirect_to new_session_path if current_user.nil? + end + + def current_user + return nil if session[:x].blank? + @current_user ||= User.find(session[:x]) + end end diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 42987e4..ebf0549 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,4 +1,6 @@ class SessionsController < ApplicationController + skip_before_action :authorize!, only: [:new, :create] + def new @user = User.new end |