I used the Rails Composer to generate a Rails application that uses the devise, rolify, and cancan gems.
I noted that I can make use of the current_user method.
When I use cmd-shif-F in Textmate to search my project, I do not find where current_user is defined. I've worked through some roll-your-own authentication logic examples and it seems commonplace to set current_user in the application controller. No such code is present in my app.
Still, I can verify that current_user functions and is valid.
This SO Q/A here points to some code, but I don't get it. Looks like current_user is a generated method that is the result of some metaprogramming wizardry. Still, if it is not referenced in a before filter in the application controller, how can it be working?
The fairly bare application_controller.rb looks like this:
class ApplicationController < ActionController::Base
protect_from_forgery
rescue_from CanCan::AccessDenied do |exception|
redirect_to root_path, :alert => exception.message
end
end
