Move Authentication login into concern

[jmarsh24]

I ran into an issue when trying to use authentication-zero with Avo Admin. They do not inherit from application controller::base so the current_user is not available. I had to move the authentication logic into a concern so I could include it in both places.

This is the solution that I ended up with. I propose that we move this authentication logic into a concern so it can more easily be extended and also better organizes the application controller for projects.

Would it be possible to make current_user work in the same way it does in devise so that way Avo would work out of the box with authentication zero without having to prepend anything?

module Authenticable
  extend ActiveSupport::Concern

  included do
    prepend_before_action :set_current_request_details
    prepend_before_action :authenticate
    helper_method :current_user
  end

  private

  def current_user
    Current.user
  end

  def authenticate
    if (session_record = Session.find_by_id(cookies.signed[:session_token]))
      Current.session = session_record
      Current.user = Current.session&.user
    else
      redirect_to sign_in_path
    end
  end

  def set_current_request_details
    Current.user_agent = request.user_agent
    Current.ip_address = request.ip
  end
end

Rails.configuration.to_prepare do
  Avo::ApplicationController.include Authenticable
end

Avo.configure do |config|
  config.current_user_method do
    Current.user
  end

[interhive]

Would it be possible to make current_user work in the same way it does in devise...

Yeah, I'd like to see this, too. It'd allow it to fully work with other gems like https://github.com/collectiveidea/audited out-of-the-box.