Doing redirect in filter class?

I want to write a filter class that verify the credentials and
redirect to login if necessary. However it seems like I can’t access
redirect_to method from the controller (without doing reflection,
i.e.) is there example on how to get this working? I think filter
class is a lot better than embedded class method.

You mean something like:

class ThingsController < ApplicationController
before_filter :login_required

#other actions go here

private
def login_required
redirect_to :action => “login”, :controller => “account” if !logged_in?
end

Are you using acts_as_authenticated?


Ryan B.

Feel free to add me to MSN and/or GTalk as this email.

No, I mean

before_filter AuthenticationFilter

class AuthenticationFilter
self.filter(controller)
#redirection if authentication failed
end
end

And, no I am not using acts_as_authenticated

Uh, no you can’t do something like that. Calling a method from within
that
module would be fine, however.

Define AuthenticationFilter as a module in lib/authentication_filter.rb
instead of as a class and then in your application.rb in app/controllers
say
include AuthenticationFilter.

And then you can call all the methods you’ve defined in your
AuthenticationFilter in your before_filter. As for specifying
parameters,
you may be able to access params from inside the method.

On Dec 27, 2007 4:23 PM, goodwill [email protected] wrote:


Ryan B.

Feel free to add me to MSN and/or GTalk as this email.

On 27 Dec 2007, at 07:20, Bcp wrote:

U cannot do a redirect inside a filter. It returns true or false
depending whether the request passed the filter condion or not. U
could throw an app specific exception and handle it in ur action. This
is a guess.

Um that’s rubbish. And in rails 2.0 what you return from your filter
is irrelevant.
I don’t think there’s a nice way to do this for that sort of filter

Fred

U cannot do a redirect inside a filter. It returns true or false
depending whether the request passed the filter condion or not. U
could throw an app specific exception and handle it in ur action. This
is a guess.

Sent from my iPhone

On Dec 26, 2007, at 9:52 PM, goodwill [email protected]

Mind I am a bit lazy and ask u to plug the relevant code here? :stuck_out_tongue:

Ryan u might have mixed up something, I mean a filter class, I am very
sure a routine within the controller tree, either inherited above or
within, would work.

Of course you can redirect from inside a filter! my
acts_as_authenticated
has a method called login_redirect which calls access_denied, another
method
in the AuthenticatedSystem module, which will redirect someone to the
login
screen if they’re not logged in. You don’t even have to puts a return
false
in there.


Ryan B.

Feel free to add me to MSN and/or GTalk as this email.

@goodwill

In your case,

class AuthenticationFilter
self.filter(controller)
#redirection if authentication failed
end
end

you have the instance of the controller right there. Use that… but
use
.send instead as redirect_to is protected.

controller.send :redirect_to, {:action=>“foo”, :controller=>“bar”}

Now, I don’t quite know if named routes will work as I have not tested
it. I
would imagine though that they are accessible via controller.send as
they
are also protected.

It was mentioned before, but restful_authentication or
acts_as_authenticated
are well-tested auth systems. I suppose there’s a reason you’re not
using
them though, which is fine.

You might find this interesting -
http://rubycas-client.googlecode.com/svn/trunk/rubycas-client/lib/

It’s a plugin for the CAS single-sign-on system. It does authentication
with
a third-party and does redirects, etc. It’s a bit complex but it may
give
you some ideas.

Good luck!