Managing loaner chromebooks for students and teachers in the HUUSD school district.
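# Controller concern for session-based authentication and role checks.
#
# Including this module registers +ensure_authenticated+ as a before_action,
# so every action of the including controller requires a logged-in user
# unless the controller opts out. The other +ensure_*+ filters are not
# registered here; controllers add them where needed.
module Authenticatable
  extend ActiveSupport::Concern

  included do
    before_action :ensure_authenticated
  end

  # Whether the request belongs to a logged-in user.
  #
  # The session's user id must resolve to an existing User record. A bare
  # "is there an id in the session" check would keep treating a session as
  # authenticated after its user has been deleted, and such a request would
  # pass +ensure_authenticated+ with a nil +current_user+.
  #
  # @return [Boolean]
  def is_authenticated?
    current_user.present?
  end

  # Inverse of {#is_authenticated?}.
  #
  # @return [Boolean]
  def is_not_authenticated?
    !is_authenticated?
  end

  # The User referenced by +session[:user_id]+, memoized per request once found.
  #
  # The session guard is evaluated on every call, so clearing the session
  # mid-request (logout) makes this return nil even if a user was memoized.
  #
  # @return [User, nil] nil when the session has no user id or no such user exists
  def current_user
    @current_user ||= User.find_by(id: session[:user_id]) if session[:user_id].present?
  end

  # before_action filter: sends unauthenticated requests to the login page.
  # Redirecting inside a before_action halts the filter chain, so the action
  # itself does not run.
  def ensure_authenticated
    StatsD.measure('auth.ensure_authenticated') do
      unless is_authenticated?
        flash[:warning] = "You need to login to view that page."
        StatsD.event('Authentication Failure', 'User not authenticated, redirecting to login')
        redirect_to main_app.login_path
      end
    end
  end

  # Filter for pages that only make sense when logged out (e.g. a login form):
  # sends already-authenticated users to the root page.
  def ensure_not_authenticated
    StatsD.measure('auth.ensure_not_authenticated') do
      if is_authenticated?
        flash[:info] = "You are already logged in."
        StatsD.event('Already Authenticated', 'User already logged in, redirecting to root')
        redirect_to root_path
      end
    end
  end

  # Filter restricting an action to admins. Safe navigation makes a missing
  # user fail closed: a nil current_user is denied like any non-admin.
  def ensure_admin
    StatsD.measure('auth.ensure_admin') do
      unless current_user&.admin?
        flash[:danger] = "You do not have permission to view that page."
        StatsD.event('Admin Access Denied', 'Non-admin user attempted to access admin page')
        redirect_to root_path
      end
    end
  end

  # Filter restricting an action to super admins. Fails closed on a nil
  # current_user, the same way as {#ensure_admin}.
  def ensure_super_admin
    StatsD.measure('auth.ensure_super_admin') do
      unless current_user&.super_admin?
        flash[:danger] = "You do not have permission to view that page."
        StatsD.event('Super Admin Access Denied', 'Non-super-admin user attempted to access super admin page')
        redirect_to root_path
      end
    end
  end
end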