1class ApplicationController < ActionController::Base |
|
2 # Prevent CSRF attacks by raising an exception. |
|
3 # For APIs, you may want to use :null_session instead. |
|
4 protect_from_forgery with: :exception |
|
6 def authenticate |
|
7 render status: :unauthorized, nothing: true unless session['user_id'] |
|
8 end |
|
10 private
|
|
11 def current_user |
|
12 @current_user ||= User.find(session[:user_id]) if session[:user_id] |
|
13 end |
|
15 helper_method :current_user |
|
16end |