Add Authentication logic

The ApplicationController provides a `current_user` method (and helper) to access the authenticated user (if any). The WelcomeController provides minimal logic to authenticate against DiscourseSSO. Current state is that one can login and logout. Views need a lot of work.
author: hellekin <hellekin@cepheide.org> 2020-10-05 22:10:26 +0200
committer: hellekin <hellekin@cepheide.org> 2020-10-05 22:10:26 +0200
commit: 046c210e91fc03e1c670a0a28ea4849968c77056 (patch)
tree: 6c6437c7d9a6f252950e3ba1edc9fe12398938df /app/controllers/application_controller.rb
parent: d0efb8c068a86436359b3c20950d427c7a6a27cd (diff)
download: incommon-map-046c210e91fc03e1c670a0a28ea4849968c77056.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 09705d1..c34b9f9 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,2 +1,14 @@
 class ApplicationController < ActionController::Base
+  protect_from_forgery with: :null_session
+
+  require 'sso'
+
+  before_action :current_user
+
+  protected
+
+  def current_user
+    @current_user ||= User.find_by(external_id: session[:current_user]) if session[:current_user].present?
+  end
+  helper_method :current_user
 end
author	hellekin <hellekin@cepheide.org>	2020-10-05 22:10:26 +0200
committer	hellekin <hellekin@cepheide.org>	2020-10-05 22:10:26 +0200
commit	046c210e91fc03e1c670a0a28ea4849968c77056 (patch)
tree	6c6437c7d9a6f252950e3ba1edc9fe12398938df /app/controllers/application_controller.rb
parent	d0efb8c068a86436359b3c20950d427c7a6a27cd (diff)
download	incommon-map-046c210e91fc03e1c670a0a28ea4849968c77056.tar.gz