Home>

■ I don't know
Users who are not signed in before_aciton skip to the sign-in screen, and users who are signed in have set helper and before_action to skip to the index screen, but they can jump to other pages without signing in The
I would like to know the cause.

■ users_helper.rb

module UsersHelper
  def user_sign_in (user)
    session [: @ user_id] = user.id
  end
  def current_user
    if @ current_user.nil?
      @current_user = User.find_by (id: session [: @ user_id])
    else
      @current_user
    end
  end
  def user_sign_out
    session.delete (: @ user_id)
    @current_user = nil
  end
  def user_signed_in?
    @ current_user.present?
  end
  def authorize
    redirect_to sign_in_path unless user_signed_in?
  end
  def redirect_to_index_if_signed_in
    redirect_to clients_index_path and return if user_signed_in?
  end
end

■ users_controllers.rb

include UsersHelper
  before_action: authorize, except: [: sign_in,: sign_in_process]
  before_action: redirect_to_index_if_signed_in, only: [: sign_in]
  def sign_in
    @user = User.new
    render layout: "application_not_login"
  end
  def sign_in_process
    @user = User.find_by (email: user_params [: email])
    if @user&&@ user.authenticate (user_params [: password])
      user_sign_in (@user)
      redirect_to clients_index_path and return
    else
      flash [: danger] = "Sign-in failed"
      render "sign_in"
    end
  end

■ routes

get '/', to: 'users # sign_in', as:: sign_in
get 'clients', to: 'clients # index', as:: clients_index