Forum: Ruby on Rails Using aspects to apply authentication

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
C402e1150580c153c1368573f70e7e82?d=identicon&s=25 Cody Skidmore (cskidmore)
on 2006-03-01 20:40
Greeting.  I was wondering if anyone is using AOP (Aspect Oriented
Programming) to ensure login and authentication before allowing someone
access to controllers and models.

I found two versions of RCR 321 that discuss cut-based AOP, but as far
as I can tell there isn't an implementation of the RCR as an AOP
framework.

Additionally, I tried to dig up information on Aspect4r and AspectR.
Aspect4r is a no-who.  Aspect4 is out on SourceForge, but it doesn't
appear to be an active project.

The problem I want to solve is eleminating boiler-plate code from
controllers and models that ensures a user is logged in and has rights
to access a controller or model.

This has to be a problem others are confronting and have already solved.
What approach is usually used?  Does the Salt Login engine do this?

Does anyone use AOP?
C402e1150580c153c1368573f70e7e82?d=identicon&s=25 Cody Skidmore (cskidmore)
on 2006-03-01 20:49
Cody Skidmore wrote:

"Aspect4r is a no-who."

DOH!  Make that "Aspect4r is a no-show"  :o)
F3dc06f587d1ff4c7366b102bfda9204?d=identicon&s=25 David Mitchell (Guest)
on 2006-03-01 22:02
(Received via mailing list)
As I understand AOP, using :before_filter to "drop in" user
authentication is a classic case of AOP in action.  This is a common
approach to that specific task; it redirects your app to a block of
code whenever a controller is accessed.

Similarly, using :after_filter to "drop in" logging would be another
case of following AOP practices in Rails.  It's probably not as common
as before_filter authentication, but I suspect a lot of people are
implementing logging in this fashion.

Authentication and logging are the two classic use cases for AOP,
although there's obviously many others.  However, I'd say support for
AOP is built into Rails via :before_filter and :after_filter, is
widely used, and there's (possibly) no need to look at external
AOP/Ruby libraries for many/most AOP-style requirements.

Does this answer your question?

Regards

Dave M.
C402e1150580c153c1368573f70e7e82?d=identicon&s=25 Cody Skidmore (cskidmore)
on 2006-03-01 22:43
Yes it does.  That isn't a lot of code to add to a controller for the
functionality you get, and it just adds one more reason to love RoR.
:o)
This topic is locked and can not be replied to.