Login redirects that maintain parameter data


#1

Hey,
I need some advice on something. I have a fairly large and complex
website (uberpwner.com) and all authentication I do is done by before
filters. Basically before_filter :login_required.
login_required does basic authentication and then redirects to the
root_path. Here is the essentials from the login system code (which
is mostly taken from the beast forum):

 def login_required
  login_by_token      unless logged_in?
  login_by_basic_auth unless logged_in?
  respond_to do |format|
    format.html { redirect_to login_path }
    format.js   { render(:update) { |p| p.redirect_to

login_path } }
format.xml do
headers[“WWW-Authenticate”] = %(Basic realm=“Beast”)
render :text => “HTTP Basic: Access denied.\n”, :status
=> :unauthorized
end
end unless logged_in? && authorized?
end

def login_by_token
self.current_user = User.find_by_id_and_login_key(*cookies
[:login_token].split(";")) if cookies[:login_token] and not logged_in?
end

  @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION

Authorization)
def login_by_basic_auth
auth_key = @@http_auth_headers.detect { |h| request.env.has_key?
(h) }
auth_data = request.env[auth_key].to_s.split unless
auth_key.blank?
self.current_user = User.authenticate *Base64.decode64(auth_data
[1]).split(’:’)[0…1] if auth_data && auth_data[0] == ‘Basic’
end

Now here is what I want: when a user clicks a page that requires
authentication they should be redirected to the login page, then on
successful login to the page they are going to. If they are trying to
submit something to the site they should be redirected to login, then
their submission should go through on successful login.

Any advice on how to achieve this would be very appreciated!
JB


#2

I would suggest taking a look at Ryan B. screencast about restful
authentication (http://railscasts.com/episodes/67), write a simple
application or two using restful authentication, and then walk through
the
code to see how it all works. IIRC, it has support for doing just what
you
asked.

–wpd