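# Base controller: CSRF protection, session-backed authentication helpers and
# the filters shared by every controller that inherits from it.
class ApplicationController < ActionController::Base
  include Pageable

  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  before_action :load_header
  before_action :extend_session_cookie
  helper_method :current_user, :current_user?
  rescue_from ActiveRecord::RecordNotFound, with: :record_not_found

  # NOTE(review): user_session, current_user and current_user? are public, so
  # they count as candidate actions on every subclass if a route ever maps to
  # them. helper_method also works with private methods; consider moving them
  # below `private` once external callers have been checked.

  # Resolves the UserSession for a session key.
  #
  # The first truthy result is memoized in @user_session, so later calls return
  # it even when a different session_key is passed. A nil result is not cached:
  # UserSession.authenticate runs again on the next call.
  #
  # @param session_key the key to authenticate; defaults to session[:raphael]
  # @return the value of UserSession.authenticate, or the memoized session
  def user_session(session_key = session[:raphael])
    @user_session ||= UserSession.authenticate(session_key)
  end

  # @return the user attached to the current session, or nil when there is no
  #   session (or the session object does not respond to #user)
  def current_user
    user_session.try(:user)
  end

  # @return [Boolean] true when the current session resolves to a user
  def current_user?
    current_user.present?
  end

  private

  # Loads every Category into @categories before each action
  # (presumably for the shared page header; verify against the layout).
  def load_header
    @categories = Category.all
  end

  # Filter for actions that require a signed-in user: redirects to the login
  # page unless the session resolves to a user.
  #
  # Gates on current_user? rather than on the bare session object, so a session
  # whose user lookup comes back empty fails closed instead of reaching the
  # action with a nil current_user. This matches the check used by
  # extend_session_cookie.
  def authenticate!
    redirect_to login_path unless current_user?
  end

  # For signed-in requests, stores the result of UserSession#access in
  # session[:raphael] (presumably a refreshed session key; confirm in
  # UserSession). Anonymous requests leave the cookie untouched.
  def extend_session_cookie
    return unless current_user?

    session[:raphael] = user_session.access(request)
  end

  # Handler for ActiveRecord::RecordNotFound: sends the client to the root page.
  #
  # NOTE(review): 301 responses may be cached by browsers and proxies, so a URL
  # that misses once can keep redirecting to root after the record exists.
  # Confirm the permanent status is intended; a 404 or a temporary redirect
  # avoids that.
  def record_not_found
    redirect_to root_path, status: :moved_permanently
  end
end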