Authentication (restful, etc)

I feel kind of “slow” asking this post - but I can’t get my head
wrapped around the connection between the authentication of a user and
the usage of the current_user values in other controllers.

If I had a controller “my_stuff” and I wanted two methods to require
login, via restful, how can I go about doing that? Once I’ve required
login, how can I go about accessing the session information, like
userid and such?

I’ve tried, in the controller doing something like

@user = current_user
@user = session.current_user

or even something similar to @user = User.find_by_id(session.user_id)


Just can’t get over / through “that” hurdle… once I do that, I’ll be
happy with an auth tie-in to my app.

I come from a Perl world, and I know I recently mentioned that RoR is
the best thing since sliced bread (read: mod_perl) - I’m not fully
able to get past authentication, etc.

I’m guessing that you’re you using the Restful Authentication plugin.

If not, have a look at it here:

After installing, examine the file RAILS_ROOT/lib/
authenticated_system.rb, and you’ll see exactly how the current_user
method works. The short answer to your question is that you don’t
need to do anything like “@user = User.find_by_id(session.user_id).”

RestfulAuth also provides a method called ‘login_required’ which you
can use to require login for any controller method.

At the top of your controller,

before_filer :login_required, :except => :show

will require login on all methods except for show.

Hope this helps,


That helped a lot. Thank you! :slight_smile:

In the case of restful_authentication (and others like it), you add
the functionality into ApplicationController by including
AuthenticatedSystem. Typically your other controllers extend
ApplicationController so they inherit the functionality.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs