Dear all,
How do we secure URL with rails? So only authenticated and authorized
users allowed to view certain URL. Is there any configuration that I
must set for this?
Many thanks
Joshua Jackson wrote:
Dear all,
How do we secure URL with rails? So only authenticated and authorized
users allowed to view certain URL. Is there any configuration that I
must set for this?Many thanks
Well i guess its not the url but the method which needs to be
secured…say suppose the edit page which is accessible only to the admin
so in the method u can define that the logged in user should be
admin…and thats how u can put restriction on the user to access that
particular path / url
Hope this helps
Thanks
Dhaval P.
Software Engineer
Ruby on Rails
sales(AT)railshouse(DOT)com
Hi guys,
First of all thanks very much for the response. But since I have no
experience with Rails yet, could anyone give me a sample code? Also
I’ve heard about restful_authentification are able to do this? Does
anyone know where can I get it? I’ve used gem but ended with no luck.
Many thanks,
Dhaval’s right. small addition to his reply:
if you wanna secure a whole part of your url (speak yoururl/admin/*
for example) it’s probably the best to put
“before_filter :validate_login” and the implementation of your
validate_login-method
either into a specific-controller to secure this part of your webapp
(i.e. admin_controller.rb),
or into the application_controller.rb to secure your whole app.
That way Rails is always calling your validate_login-method before
calling the actual action.
Hope this works!
Good luck! Simon
On Jun 24, 1:35 pm, Dhaval P. [email protected]
Joshua,
There are plugin available that make this very easy to accomplish. My
personal favorite, and the one I use for all my projects is
restful_authentication.
http://agilewebdevelopment.com/plugins/restful_authentication
Very easy to get started using this plugin and will give you the
functionality that you’re looking for. Begin by reading the README
included with the plugin. Then take a look at the files that get added
to your ./lib directory of your project for more details.