robacarp/browser_action.cr

## browser_action.cr
# src/actions/browser_action.cr

abstract class BrowserAction < Lucky::Action
  include Lucky::ProtectFromForgery
  include Auth::SessionManagement
  include Auth::SessionEnforcement

  require_logged_in!
  expose current_user

  private def find_current_user(id) : User
    UserQuery.find(id)
  end
end

## session_create.cr
# src/actions/session/create.cr

class Session::Create < BrowserAction
  redirect_if_signed_in!

  post "/session/new" do
    SessionForm.new(params).submit do |form, authenticated_user|
      if authenticated_user
        create_session for: authenticated_user
        flash.success = "You're now signed in"
        # Authentic.redirect_to_originally_requested_path(self, fallback: Home::Index)
        redirect to: Home::Index
      else
        flash.failure = "Sign in failed"
        render NewPage, form: form
      end
    end
  end
end

## session_enforcement.cr
# src/actions/mixins/auth/session_enforcement.cr

module Auth::SessionEnforcement
  macro require_logged_in!
    before ensure_logged_in

    private def current_user : User
      current_user?.not_nil!
    end
  end

  macro dont_require_logged_in!
    def ensure_logged_in
      continue
    end

    private def current_user : User?
      current_user?
    end
  end

  macro redirect_if_signed_in!
    dont_require_logged_in!
    before redirect_if_signed_in

    private def current_user
    end
  end

  private def ensure_logged_in
    if current_user?
      continue
    else
      Authentic.remember_requested_path(self)
      flash.info = "Please sign in first"
      redirect to: Session::New
    end
  end

  private def redirect_if_signed_in
    if current_user?
      flash.success = "You are already signed in"
      redirect to: Home::Index
    else
      continue
    end
  end

  abstract def current_user
end

## session_management.cr
# src/actions/mixins/auth/session_management.cr

module Auth::SessionManagement
  SESSION_KEY = "user_id"

  def create_session(for user : User)
    session.set SESSION_KEY, user.id.to_s
  end

  def destroy_session
    session.clear
  end

  def current_user
    current_user?
  end

  @user : User?

  def current_user?
    @user ||= begin
      if id = session.get? SESSION_KEY
        UserQuery.new.preload_domains.find id
      end
    end
  end
end
	# src/actions/browser_action.cr

	abstract class BrowserAction < Lucky::Action
	include Lucky::ProtectFromForgery
	include Auth::SessionManagement
	include Auth::SessionEnforcement

	require_logged_in!
	expose current_user

	private def find_current_user(id) : User
	UserQuery.find(id)
	end
	end
	# src/actions/session/create.cr

	class Session::Create < BrowserAction
	redirect_if_signed_in!

	post "/session/new" do
	SessionForm.new(params).submit do \|form, authenticated_user\|
	if authenticated_user
	create_session for: authenticated_user
	flash.success = "You're now signed in"
	# Authentic.redirect_to_originally_requested_path(self, fallback: Home::Index)
	redirect to: Home::Index
	else
	flash.failure = "Sign in failed"
	render NewPage, form: form
	end
	end
	end
	end
	# src/actions/mixins/auth/session_enforcement.cr

	module Auth::SessionEnforcement
	macro require_logged_in!
	before ensure_logged_in

	private def current_user : User
	current_user?.not_nil!
	end
	end

	macro dont_require_logged_in!
	def ensure_logged_in
	continue
	end

	private def current_user : User?
	current_user?
	end
	end

	macro redirect_if_signed_in!
	dont_require_logged_in!
	before redirect_if_signed_in

	private def current_user
	end
	end

	private def ensure_logged_in
	if current_user?
	continue
	else
	Authentic.remember_requested_path(self)
	flash.info = "Please sign in first"
	redirect to: Session::New
	end
	end

	private def redirect_if_signed_in
	if current_user?
	flash.success = "You are already signed in"
	redirect to: Home::Index
	else
	continue
	end
	end

	abstract def current_user
	end
	# src/actions/mixins/auth/session_management.cr

	module Auth::SessionManagement
	SESSION_KEY = "user_id"

	def create_session(for user : User)
	session.set SESSION_KEY, user.id.to_s
	end

	def destroy_session
	session.clear
	end

	def current_user
	current_user?
	end

	@user : User?

	def current_user?
	@user \|\|= begin
	if id = session.get? SESSION_KEY
	UserQuery.new.preload_domains.find id
	end
	end
	end
	end