1class ApplicationController < ActionController::Base
 2  # Prevent CSRF attacks by raising an exception.
 3  # For APIs, you may want to use :null_session instead.
 4  protect_from_forgery with: :exception
 5  before_action :authorize!
 6
 7  protected
 8
 9  def publish(message)
10    Publisher.publish(message)
11  end
12
13  private
14
15  def authorize!
16    redirect_to new_session_path if current_user.nil?
17  end
18
19  def current_user
20    return nil if session[:x].blank?
21    @current_user ||= User.find(session[:x])
22  end
23end