class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  
  def auth_admin
    if !current_admin
      redirect_to new_admin_admin_auth_path
    end
      
    
  end
  
  
  def auth_suser
    if !current_suser
      redirect_to new_student_auth_path
    end
      
    
  end
  
  
  private

    def current_suser
      
      @current_suser ||= StudentUser.find_by_auth_token!(cookies[:student_auth_token]) if cookies[:student_auth_token]
      
      if @current_suser and @current_suser.lock?
        @current_suser = false
      end
      
      return @current_suser
      
      #if session[:student_user_id] and StudentUser.exists?(session[:student_user_id])
      #  @current_suser = StudentUser.find(session[:student_user_id])
      #else
      #  nil
      #end
     
    end
    
    helper_method :current_suser, :auth_suser

    def current_admin
      
      if cookies[:admin_remember_token]
        if @current_admin = Admin.find_by_remember_token(cookies[:admin_remember_token]) 
          @current_admin = Admin.find_by_remember_token(cookies[:admin_remember_token]) 
        else
            cookies[:admin_remember_token] =nil
        end
        
      end
      
      
     
    end
    
  
    
    
    helper_method :current_admin
  
end