From 3e4c92ba7c1baa2a92142c6e8483c41bb7a73dc1 Mon Sep 17 00:00:00 2001 From: Chris Oliver Date: Mon, 14 Oct 2024 12:10:40 -0500 Subject: [PATCH] Add routing constraints for admins and authenticated users --- app/controllers/concerns/authentication.rb | 11 +++++++++-- app/controllers/main_controller.rb | 14 ++++++++++++++ app/models/current.rb | 11 ++--------- app/models/user.rb | 2 +- config/routes.rb | 8 ++++++++ db/migrate/20241007153451_add_admin_to_users.rb | 5 +++++ db/schema.rb | 3 ++- 7 files changed, 41 insertions(+), 13 deletions(-) create mode 100644 db/migrate/20241007153451_add_admin_to_users.rb diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb index 5f7936e..f20eca9 100644 --- a/app/controllers/concerns/authentication.rb +++ b/app/controllers/concerns/authentication.rb @@ -1,6 +1,10 @@ module Authentication extend ActiveSupport::Concern + # Routing constraints + Authenticated = ->(request) { Current.session ||= Session.find_by(id: request.cookie_jar.signed[:session_id]) } + Admin = ->(request) { Authenticated.call(request) && Current.user&.admin? } + included do before_action :require_authentication helper_method :authenticated? @@ -10,12 +14,13 @@ module Authentication class_methods do def allow_unauthenticated_access(**options) skip_before_action :require_authentication, **options + before_action :resume_session end end private def authenticated? - Current.session.present? + resume_session end def require_authentication @@ -29,7 +34,9 @@ def resume_session end def find_session_by_cookie - Session.find_by(id: cookies.signed[:session_id]) + if (id = request.cookie_jar.signed[:session_id]) + Session.find_by(id: id) + end end diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb index 88181c2..83382dc 100644 --- a/app/controllers/main_controller.rb +++ b/app/controllers/main_controller.rb @@ -1,4 +1,18 @@ class MainController < ApplicationController + allow_unauthenticated_access only: [:about] + def index end + + def admin + render plain: "Admin area" + end + + def dashboard + render plain: "Dashboard" + end + + def about + render plain: "About" + end end diff --git a/app/models/current.rb b/app/models/current.rb index 3a94e8d..f73fcf4 100644 --- a/app/models/current.rb +++ b/app/models/current.rb @@ -1,14 +1,7 @@ class Current < ActiveSupport::CurrentAttributes attribute :session - # delegate :user, to: :session, allow_nil: true - attribute :impersonated_user - def user - impersonated_user || true_user - end - - def true_user - session&.user - end + def user = impersonated_user || true_user + def true_user = session&.user end diff --git a/app/models/user.rb b/app/models/user.rb index c88d5b0..1061e3b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -2,5 +2,5 @@ class User < ApplicationRecord has_secure_password has_many :sessions, dependent: :destroy - normalizes :email_address, with: ->(e) { e.strip.downcase } + normalizes :email_address, with: ->{ _1.strip.downcase } end diff --git a/config/routes.rb b/config/routes.rb index dc16557..e87ee7d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,4 +1,12 @@ Rails.application.routes.draw do + constraints Authentication::Admin do + get "admin", to: "main#admin" + end + + constraints Authentication::Authenticated do + get "dashboard", to: "main#dashboard" + end + resource :impersonate resource :session resources :passwords, param: :token diff --git a/db/migrate/20241007153451_add_admin_to_users.rb b/db/migrate/20241007153451_add_admin_to_users.rb new file mode 100644 index 0000000..b1eb2b7 --- /dev/null +++ b/db/migrate/20241007153451_add_admin_to_users.rb @@ -0,0 +1,5 @@ +class AddAdminToUsers < ActiveRecord::Migration[8.0] + def change + add_column :users, :admin, :boolean + end +end diff --git a/db/schema.rb b/db/schema.rb index 1565689..f616303 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[8.0].define(version: 2024_10_03_180945) do +ActiveRecord::Schema[8.0].define(version: 2024_10_07_153451) do create_table "sessions", force: :cascade do |t| t.integer "user_id", null: false t.string "ip_address" @@ -25,6 +25,7 @@ t.string "password_digest", null: false t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.boolean "admin" t.index ["email_address"], name: "index_users_on_email_address", unique: true end