class ApplicationController < ActionController::API
  before_action :reject_banned_ip_address!
  before_action :authenticate_user
  before_action :reject_banned_user!

  def current_user = @current_user

  private

  def authenticate_user
    code = request.headers['X-Transfer-Code'] || request.headers['HTTP_X_TRANSFER_CODE']
    return if code.blank?

    @current_user = User.find_by(inheritance_code: code)
  end

  def bool? key, default: false
    return default if params[key].nil?

    s = params[key].to_s.strip.downcase
    if default
      !(s.in?(['0', 'false', 'off', 'no']))
    else
      s.in?(['', '1', 'true', 'on', 'yes'])
    end
  end

  def reject_banned_ip_address!
    ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton)
    return unless ip_address&.banned?

    head :forbidden
  end

  def reject_banned_user!
    return unless current_user&.banned?

    head :forbidden
  end
end