Add routing constraints for admins and authenticated users

excid3 · excid3 · commit 3e4c92ba7c1b · 2024-10-14T12:10:40.000-05:00
diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb
@@ -1,6 +1,10 @@
 module Authentication
   extend ActiveSupport::Concern
 
+  # Routing constraints
+  Authenticated = ->(request) { Current.session ||= Session.find_by(id: request.cookie_jar.signed[:session_id]) }
+  Admin = ->(request) { Authenticated.call(request) && Current.user&.admin? }
+
   included do
     before_action :require_authentication
     helper_method :authenticated?
@@ -10,12 +14,13 @@ module Authentication
   class_methods do
     def allow_unauthenticated_access(**options)
       skip_before_action :require_authentication, **options
+      before_action :resume_session
     end
   end
 
   private
     def authenticated?
-      Current.session.present?
+      resume_session
     end
 
     def require_authentication
@@ -29,7 +34,9 @@ def resume_session
     end
 
     def find_session_by_cookie
-      Session.find_by(id: cookies.signed[:session_id])
+      if (id = request.cookie_jar.signed[:session_id])
+        Session.find_by(id: id)
+      end
     end
 
 
diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb
@@ -1,4 +1,18 @@
 class MainController < ApplicationController
+  allow_unauthenticated_access only: [:about]
+
   def index
   end
+
+  def admin
+    render plain: "Admin area"
+  end
+
+  def dashboard
+    render plain: "Dashboard"
+  end
+
+  def about
+    render plain: "About"
+  end
 end
diff --git a/app/models/current.rb b/app/models/current.rb
@@ -1,14 +1,7 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session
-  # delegate :user, to: :session, allow_nil: true
-
   attribute :impersonated_user
 
-  def user
-    impersonated_user || true_user
-  end
-
-  def true_user
-    session&.user
-  end
+  def user = impersonated_user || true_user
+  def true_user = session&.user
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -2,5 +2,5 @@ class User < ApplicationRecord
   has_secure_password
   has_many :sessions, dependent: :destroy
 
-  normalizes :email_address, with: ->(e) { e.strip.downcase }
+  normalizes :email_address, with: ->{ _1.strip.downcase }
 end
diff --git a/config/routes.rb b/config/routes.rb
@@ -1,4 +1,12 @@
 Rails.application.routes.draw do
+  constraints Authentication::Admin do
+    get "admin", to: "main#admin"
+  end
+
+  constraints Authentication::Authenticated do
+    get "dashboard", to: "main#dashboard"
+  end
+
   resource :impersonate
   resource :session
   resources :passwords, param: :token
diff --git a/db/migrate/20241007153451_add_admin_to_users.rb b/db/migrate/20241007153451_add_admin_to_users.rb
@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration[8.0]
+  def change
+    add_column :users, :admin, :boolean
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
