Admin authentication


#1

Hello, I was wondering if anyone could point me in the right direction
in getting very simple admin authentication functionality in a protected
back end, either as a method or plug-in. I am making a product catalog
which needs to have just one admin user to be able to log in with a
username and password to access the main CRUD.

I have tried acts_as_authenticated and the simple http authentication
plugins but they seem to be overkill or not entirely safe (AAA seems
more for a large number of users with no admin functionality and the
http authentication plugin seemed to only be for temporary testing, and
would not be totally secure without inclusion of SSL).

I’m sure this problem comes up quite a bit, the only method I could
think of so far would be to hard code a admin username and password into
a model and then use before filters on the appropriate controllers but
this also seems unsafe and maybe bad practice. Thanks for anyone’s help
in advance and please excuse my “newbie-ness”.


#2

one more thing, another reason AAA didn’t seem viable was because it
seemed to allow anyone to sign up for an account, maybe I’m wrong
though.