All,
I have my check_authentication and login stuff in my base
ApplicationController in application.rb (I realize that these
could/should be in another controller). What’s nice about this setup is
that I can apply authorization checking to my entire app. just by
providing a before_filter in ApplicationController.
However, now I’m writing a controller whose methods allow users to
request a login, which obviously should be not checking for
authentication. But I can only “except” methods by name, not by
controller membership.
I got around this by overriding the check_authentication method (defined
in ApplicationController) to do nothing in this particular controller.
This works, but feels kludgy.
Has any thought been given to allowing before_filter :only and :except
arrays to accept controller names as well as individual actions. Then I
could just “except” this controller from the before_filter and still get
the benefit of defining the before_filter only once in
ApplicationController.
Thanks,
Wes