# frozen_string_literal: true
class AdminController < ApplicationController
  include Pundit
  layout 'admin'
  before_action :authorize_user

  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  after_action :verify_authorized, except: :index
  after_action :verify_policy_scoped, only: :index

  def current_user
    @current_user ||= User.find_by(id: session[:user]) if session[:user]
  end
  helper_method :current_user

  private

    def authorize_user
      redirect_to admin_login_path unless current_user
    end

    def user_not_authorized
      flash[:error] = "You are not authorized to perform this action."
      redirect_to(request.referer || admin_login_path)
    end
end