23 lines
548 B
Ruby
23 lines
548 B
Ruby
class ApplicationController < ActionController::Base
|
|
# Prevent CSRF attacks by raising an exception.
|
|
# For APIs, you may want to use :null_session instead.
|
|
protect_from_forgery with: :null_session
|
|
before_action :authenticate_user_from_token!
|
|
before_action :authenticate_user! #unless Rails.env.test?
|
|
|
|
|
|
private
|
|
|
|
def authenticate_user_from_token!
|
|
user_token = params[:user_token].presence
|
|
user = user_token && User.find_by_authentication_token(user_token.to_s)
|
|
|
|
if user
|
|
sign_in user, store: false
|
|
end
|
|
|
|
end
|
|
|
|
|
|
end
|