From 252f99e545c7b74c6678924cc14ac2b9e4de70bc Mon Sep 17 00:00:00 2001
From: Andrzej Krzywda
Date: Sun, 7 Jan 2024 18:05:14 +0100
Subject: [PATCH] Created Client::BaseController to hide layout and logged_in filters

This way increasing the chances of forgetting to ensure logging in.
---
 .../app/controllers/client/base_controller.rb | 16 ++++++++++++++++
 .../app/controllers/client/clients_controller.rb | 6 ++++--
 .../app/controllers/client/orders_controller.rb | 13 +------------
 .../controllers/client/products_controller.rb | 3 +--
 4 files changed, 22 insertions(+), 16 deletions(-)
 create mode 100644 rails_application/app/controllers/client/base_controller.rb

diff --git a/rails_application/app/controllers/client/base_controller.rb b/rails_application/app/controllers/client/base_controller.rb
new file mode 100644
index 000000000..9dff36642
--- /dev/null
+++ b/rails_application/app/controllers/client/base_controller.rb
@@ -0,0 +1,16 @@
+module Client
+ class BaseController < ApplicationController
+
+ layout "client_panel"
+ before_action :ensure_logged_in
+
+ private
+
+ def ensure_logged_in
+ if ClientOrders::Client.find_by(uid: cookies[:client_id]).nil?
+ redirect_to logout_path
+ return
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/rails_application/app/controllers/client/clients_controller.rb b/rails_application/app/controllers/client/clients_controller.rb
index 7926126ca..f72fd5a11 100644
--- a/rails_application/app/controllers/client/clients_controller.rb
+++ b/rails_application/app/controllers/client/clients_controller.rb
@@ -1,6 +1,7 @@
 module Client
- class ClientsController < ApplicationController
- layout "client_panel"
+ class ClientsController < BaseController
+
+ skip_before_action :ensure_logged_in, only: [:index, :login, :logout]

 def index
 if cookies[:client_id]
@@ -31,6 +32,7 @@ def logout redirect_to clients_path end + private def correct_password?(client_id, password) password_hash = Digest::SHA256.hexdigest(password)
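Review bot: `ensure_logged_in` in the new `base_controller.rb` decides who is logged in from the plain `cookies[:client_id]` value, which the browser controls, so the filter only proves that a client with that uid exists and not that the requester authenticated as that client. Reading it through a tamper-evident jar, `ClientOrders::Client.find_by(uid: cookies.signed[:client_id])`, would close that gap, provided the login action writes the cookie through the same jar; that action's body is outside this diff, so confirm it there. The same raw cookie is passed to `ClientOrders::OrdersList.build` in the `orders_controller.rb` hunk and should be read the same way. The `return` after `redirect_to logout_path` is the last statement of the filter and can be dropped.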
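Review bot: The `skip_before_action` line added at the top of `ClientsController` is the only line in this diff that opens client-panel actions to anonymous visitors, and it carries no comment saying why each action is listed. `logout` in particular has to stay in the list, because `ensure_logged_in` redirects to `logout_path` and would otherwise presumably redirect to itself (assuming `logout_path` routes to this action; the routes are not shown). I would add above it `# Public entry points. logout must stay skipped: ensure_logged_in redirects to logout_path.` The class body continues outside the hunk.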
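Review bot: In the second `clients_controller.rb` hunk (`@@ -31,6 +32,7 @@`), the helper that becomes private still derives `password_hash` with a single `Digest::SHA256.hexdigest(password)` and no salt visible on that line, a fast hash that is weak for stored passwords if the database leaks. Making `correct_password?` private is right, since public controller methods can be reached as actions, but the hashing deserves a follow-up: a scheme with a per-user salt and a work factor (bcrypt through `has_secure_password`, for example) would need the stored hashes migrated. How the hash is compared, and whether a salt is applied elsewhere, is outside the hunk. Until then a comment such as `# FIXME: unsalted SHA-256; replace with a salted, slow password hash` would record the debt.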
diff --git a/rails_application/app/controllers/client/orders_controller.rb b/rails_application/app/controllers/client/orders_controller.rb
index e2a86f943..90b7e4859 100644
--- a/rails_application/app/controllers/client/orders_controller.rb
+++ b/rails_application/app/controllers/client/orders_controller.rb
@@ -1,16 +1,5 @@
 module Client
- class OrdersController < ApplicationController
-
- layout 'client_panel'
-
- before_action :ensure_logged_in
-
- def ensure_logged_in
- if ClientOrders::Client.find_by(uid: cookies[:client_id]).nil?
- redirect_to logout_path
- return
- end
- end
+ class OrdersController < BaseController

 def index
 render html: ClientOrders::OrdersList.build(view_context, cookies[:client_id]), layout: true
diff --git a/rails_application/app/controllers/client/products_controller.rb b/rails_application/app/controllers/client/products_controller.rb
index f11edfaea..798b421cc 100644
--- a/rails_application/app/controllers/client/products_controller.rb
+++ b/rails_application/app/controllers/client/products_controller.rb
@@ -1,6 +1,5 @@
 module Client
- class ProductsController < ApplicationController
- layout 'client_panel'
+ class ProductsController < BaseController

 def index
 render html: PublicOffer::ProductsList.build(view_context), layout: true
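Review bot: Changing the superclass of `ProductsController` to `BaseController` also puts `before_action :ensure_logged_in` in front of `index`, which the removed class lines did not declare, so anonymous visitors are now redirected to `logout_path` instead of seeing the product list. If that is intended, a request test for the redirect would pin it. If the list built by `PublicOffer::ProductsList` is meant to stay reachable without login, the class needs `skip_before_action :ensure_logged_in, only: [:index]`. The diff does not show which of the two is wanted, and the class body continues outside the hunk.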