Simple model password protection?


#1

Hey everybody,

I would like to know how to do simple password protection in rails a
la <a href="http://writeboard.com>writeboard. At writeboard, when
a new writeboard object is created, the creator must assign a
password, but not create a new user. Then, to access the newly-created
writeboard, one must input only the password.

I’m sure this is pretty simple, but I’m quite new to rails. Thanks.


#2

I’m sure there is a user created with the email that you give them.


#3

Just the methods, no code:

First, assign password attribute to your model (i.e. table field) –
be it a Writeboard or whatever…

Depending on your own business rules a lot of things will determine
how you process the password-entry — i.e. do you now create a
session so that the user can come back later today and view the
Writeboard again? or does someone have to input the password everytime
they hit the page? That depends on you… Below is the absolute
“simplest” approach possible:

But simply put, you should easily be able to put a password field on
the form where you create your Whiteboard that gets saved (possibly
even validated for length/alphanum whatever) and - hopefully -
encrypted.

When you render the show method (view) for the Writeboard, you’ll
check to see if there’s a password param, which if so, you’ll verify
against the password belonging to the Writeboard, and if not, you’ll
render a page/popup/whatever that simply has a password input field
that posts to the show method which will mean that now there will be a
password param, so your controller will do the verification that
what’s entered (hopefully you’re encrypting it to do your saves and
checks) matches the Writeboard password.

Pseudo code:

def show
look up the Writeboard by the id param
is there a password param?
yes?
does the encrypted password param match the Writeboard password?
yes?
render the show view #default
no?
render some view with a password field
no?
render some view with a password field
end

Do this once, then you’ll find ways to refactor it so it’s smaller.
Again, this is the very super-simple approach – there are infinite
more complex possibilities, but if you’re new to Rails, give this a
go…

Cheers!