All basic question types

app/controllers/application_controller.rb

@@ -1,4 +1,16 @@
 class ApplicationController < ActionController::Base
   # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+
+  before_action :require_authorization
+
+  def authorized?
+    cookies.signed[:_entrance_exam_authorized].present?
+  end
+
+  private
+
+  def require_authorization
+    redirect_to new_sessions_path unless authorized?
+  end
 end

app/controllers/questions_controller.rb

@@ -0,0 +1,23 @@
+class QuestionsController < ApplicationController
+  def answer
+    question = Question.find(params[:id])
+    @answer = Answer.find_or_initialize_by(question:)
+
+    send(:"handle_#{question.answer_kind}_answer")
+  end
+
+  private
+
+  def handle_simple_answer
+    @answer.update!(data: params[:value])
+  end
+
+  def handle_image_answer
+    @answer.image.attach(
+      io: StringIO.new(Base64.decode64(params[:data])),
+      filename: params[:filename],
+      content_type: params[:mimetype],
+    )
+    @answer.save!
+  end
+end

app/controllers/sections_controller.rb

@@ -0,0 +1,10 @@
+class SectionsController < ApplicationController
+  def index
+    @sections = Section.all
+  end
+
+  def show
+    @section = Section.find(params[:id])
+    @questions = @section.questions.includes(:answer)
+  end
+end

app/controllers/sessions_controller.rb

@@ -0,0 +1,25 @@
+class SessionsController < ApplicationController
+  skip_before_action :require_authorization
+
+  def new
+    redirect_to sections_path if authorized?
+  end
+
+  def create
+    if authorized?
+      redirect_to sections_path
+      return
+    end
+
+    if Rails.configuration.entrance_exam_token != params[:token]
+      redirect_to new_sessions_path
+      return
+    end
+
+    cookies.signed[:_entrance_exam_authorized] = {
+      value: true,
+      expires: 1.year
+    }
+    redirect_to sections_path
+  end
+end