Protecting Content with AuthLogic

Posted by Rob Wilkerson on Stack Overflow See other posts from Stack Overflow or by Rob Wilkerson
Published on 2009-08-05T13:04:27Z Indexed on 2010/03/27 2:33 UTC
Read the original article Hit count: 276

Filed under:
|

I know this sounds like a really, really simple use case and I'm hoping that it is, but I swear I've looked all over the place and haven't found any mention of any way - not even the best way - of doing this.

I'm brand-spanking new to Ruby, Rails and everything surrounding either (which may explain a lot). The dummy app that I'm using as my learning tool requires authentication in order to do almost anything meaningful, so I chose to start by solving that problem. I've installed the AuthLogic gem and have it working nicely to the extent that is covered by the intro documentation and Railscast, but now that I can register, login and logout...I need to do something with it.

As an example, I need to create a page where users can upload images. I'm planning to have an ImagesController with an upload action method, but I want that only accessible to logged in users. I suppose that in every restricted action I could add code to redirect if there's no current_user, but that seems really verbose.

Is there a better way of doing this that allows me to define or identify restricted areas and handle the authentication check in one place?

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about authlogic