Authorization and Routes

Hello everyone,

I am porting a web site similar to one I’ve built at work in .NET over
to
rails, just for the sake of helping to learn Ruby and Rails in my free
time. The site has a sign in screen, and you can’t go anywhere else in
the
site until you’ve authenticated with a username or password.

I have a good understanding of how to authorize with something like
OmniAuth, but I’m not sure what the most elegant / “rails way” is to
redirect someone, should they attempt to access a RESTful URL. I am
familiar with redirect_to, and could use that by wrapping it in some
sort
of global check_if_signed_in function that I could call at the top of
various controller methods.

Anyway, how is that typically done in Rails? Seems like something that
would come up a lot for many sites (online banking, facebook, etc all
require sign in prior to anything else).

Jeff

On Sun, Jul 15, 2012 at 1:36 PM, Jeff [email protected] wrote:

with redirect_to, and could use that by wrapping it in some sort of global
check_if_signed_in function that I could call at the top of various
controller methods.

See: AbstractController::Callbacks::ClassMethods#before_filter

And it might help to look at the way existing gems implement auth;
see: Category: Web Authentication - The Ruby Toolbox

HTH,

Hassan S. ------------------------ [email protected]

twitter: @hassan