Forum: Ruby on Rails login redirects that maintain parameter data

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Jables (Guest)
on 2009-01-10 00:24
(Received via mailing list)
Hey,
  I need some advice on something.  I have a fairly large and complex
website (uberpwner.com) and all authentication I do is done by before
filters.  Basically  before_filter :login_required.
login_required does basic authentication and then redirects to the
root_path.  Here is the essentials from the login system code (which
is mostly taken from the beast forum):

     def login_required
      login_by_token      unless logged_in?
      login_by_basic_auth unless logged_in?
      respond_to do |format|
        format.html { redirect_to login_path }
        format.js   { render(:update) { |p| p.redirect_to
login_path } }
        format.xml  do
          headers["WWW-Authenticate"] = %(Basic realm="Beast")
          render :text => "HTTP Basic: Access denied.\n", :status
=> :unauthorized
        end
      end unless logged_in? && authorized?
    end

 def login_by_token
      self.current_user = User.find_by_id_and_login_key(*cookies
[:login_token].split(";")) if cookies[:login_token] and not logged_in?
    end

      @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION
Authorization)
    def login_by_basic_auth
      auth_key  = @@http_auth_headers.detect { |h| request.env.has_key?
(h) }
      auth_data = request.env[auth_key].to_s.split unless
auth_key.blank?
      self.current_user = User.authenticate *Base64.decode64(auth_data
[1]).split(':')[0..1] if auth_data && auth_data[0] == 'Basic'
    end

Now here is what I want:  when a user clicks a page that requires
authentication they should be redirected to the login page, then on
successful login to the page they are going to.  If they are trying to
submit something to the site they should be redirected to login, then
their submission should go through on successful login.

Any advice on how to achieve this would be very appreciated!
JB
Patrick D. (Guest)
on 2009-01-10 04:45
(Received via mailing list)
I would suggest taking a look at Ryan B. screencast about restful
authentication (http://railscasts.com/episodes/67), write a simple
application or two using restful authentication, and then walk through
the
code to see how it all works.  IIRC, it has support for doing just what
you
asked.

--wpd
This topic is locked and can not be replied to.