main
1class ApplicationController < ActionController::Base
2 # Prevent CSRF attacks by raising an exception.
3 # For APIs, you may want to use :null_session instead.
4 protect_from_forgery with: :exception
5 before_action :ensure_valid_session
6
7 def resolve(key)
8 Spank::IOC.resolve(key)
9 end
10
11 def current_user
12 @current_user ||= @current_session.user
13 end
14
15 def current_session(session_key = cookies.signed[:raphael])
16 @current_session ||= Session.authenticate!(session_key)
17 end
18
19 private
20
21 def ensure_valid_session
22 redirect_to new_session_path unless current_session
23 rescue ActiveRecord::RecordNotFound
24 redirect_to new_session_path
25 end
26end