parsley/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  def ensure_valid_user
    if current_user.nil?
      flash[:warning] = "You must login"
      redirect_to login_path
    end
  end

  def ensure_admin_user
    unless current_user && current_user.is_admin?
      flash[:warning] = "You must login as an admin"
      redirect_to login_path
    end
  end

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user

  def set_current_user(user)
    if user
      session[:user_id] = user.id
    else
      session[:user_id] = nil
    end
  end
end
initial commit 2016-01-12 18:43:00 -06:00			`class ApplicationController < ActionController::Base`
			`# Prevent CSRF attacks by raising an exception.`
			`# For APIs, you may want to use :null_session instead.`
			`protect_from_forgery with: :exception`
Added authentication; cleaned up some UI 2016-01-19 16:50:39 -06:00
			`def ensure_valid_user`
			`if current_user.nil?`
			`flash[:warning] = "You must login"`
			`redirect_to login_path`
			`end`
			`end`

			`def ensure_admin_user`
			`unless current_user && current_user.is_admin?`
			`flash[:warning] = "You must login as an admin"`
			`redirect_to login_path`
			`end`
			`end`

			`def current_user`
			`@current_user \|\|= User.find(session[:user_id]) if session[:user_id]`
			`end`
			`helper_method :current_user`

			`def set_current_user(user)`
			`if user`
			`session[:user_id] = user.id`
			`else`
			`session[:user_id] = nil`
			`end`
			`end`
initial commit 2016-01-12 18:43:00 -06:00			`end`