micro-blogger/app/controllers/application_controller.rb

32 lines
751 B
Ruby
Raw Permalink Normal View History

2018-11-10 10:40:22 -06:00
# frozen_string_literal: true
2018-11-09 20:51:38 -06:00
class ApplicationController < ActionController::API
2018-11-10 18:46:47 -06:00
include Pundit
before_action :authenticate_request
after_action :verify_authorized, except: :index
after_action :verify_policy_scoped, only: :index
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
def index; end
private
def current_user
@current_user ||= authenticate_request
end
def authenticate_request
return nil if request.authorization.blank?
@authenticate_request ||= AuthorizeRequest.new(request.headers).perform
end
def user_not_authorized
render \
json: { authorization: ["You are not authorized to perform this action."] },
status: :unauthorized
end
2018-11-09 20:51:38 -06:00
end