SessionsHelper in railstutorial.org: A good design?

railstutorial.org has a suggestion which strikes me as a little odd.
Here:

http://ruby.railstutorial.org/chapters/sign-in-sign-out#code:sessions_helper_include

… it suggests this code:

class ApplicationController < ActionController::Base
protect_from_forgery
include SessionsHelper
end

…making SessionsHelper available essentially everywhere. I
understand that authentication/authorization is cross-cutting, but is
this really the best place? Would functionality not strictly needed in
views be better placed in ApplicationController or elsewhere?

Thoughts?

Thanks,

-Craig

On 30 March 2011 03:36, Craig S. [email protected] wrote:

end

…making SessionsHelper available essentially everywhere. I
understand that authentication/authorization is cross-cutting, but is
this really the best place? Would functionality not strictly needed in
views be better placed in ApplicationController or elsewhere?

The above code does put it in ApplicationController. Perhaps I
misunderstand your question.

Colin

The SessionsHelper option makes the methods available from
ApplicationController, yes, but it makes them available in any view, as
well. That seems to me to be potentially too broad of a scope. Also,
putting code which implements, say, a before_filter which conditionally
redirects (as the railstutorial.org example does) in a module which more
commonly contains view helpers seems surprising.

I’m not sure if my concerns are well-founded or if I’m “thinking too
much” about this.

-Craig

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs