Login Engine - small problem


#1

Hi, first of all, thanks for making the login engine, it suits my
needs perfectly.

I’ve been using the login engine for a web application I’ve developed,
but I’ve run into a small problem.

Using before_filter on other controllers works just fine, but I also
want methods in the UserController that is included in the Login Engine
to be protected in some cases. For instance, I’d like the signup action
to be unavailable unless a user is logged in (only valid users can add
new accounts). I’ve added the normal before_filter to the
UserController, but this is obviously not the correct way of doing
this.

So in short: how can I secure all actions except login in
UserController?

My thanks in advance for any help you can give

Regards,
Vegard


#2

Easiest solution: Use UserEngine. :wink:

2006/2/8, da pendragon removed_email_address@domain.invalid:


#3

You want to override the ‘protect?’ method of the UserController. In
your /app/controllers folder, create a new user_controller file,
something like this:

class UserController < ApplicationController
def protect?(action)
if [‘login’].include?(action)
return false # only the login action
is unprotected.
else
return true
end
end
end

The Engines plugin will mix this code in with the engine controller
and use your application method instead. Voila.

  • james

On 2/9/06, Ulrik M. removed_email_address@domain.invalid wrote:


engine-users mailing list
removed_email_address@domain.invalid
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org

  • J *
    ~

#4

That worked perfectly! Thanks for the quick answers, too!

Regards,
Vegard