Commit `feaf5cf`

mo khan <mo@mokhan.ca>

2015-02-21 19:41:44

authorize all requests otherwise redirect to login page.

main

1 parent 9c86918

Changed files (2)

app

controllers

application_controller.rb

sessions_controller.rb

@@ -3,4 +3,16 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   #protect_from_forgery with: :exception
   protect_from_forgery with: :null_session
+  before_action :authorize!
+
+  private
+
+  def authorize!
+    redirect_to new_session_path if current_user.nil?
+  end
+
+  def current_user
+    return nil if session[:x].blank?
+    @current_user ||= User.find(session[:x])
+  end
 end

@@ -1,4 +1,6 @@
 class SessionsController < ApplicationController
+  skip_before_action :authorize!, only: [:new, :create]
+
   def new
     @user = User.new
   end

Commit feaf5cf

Commit `feaf5cf`