Tuesday, April 12, 2011

Super Simple Authentication


SuperSimpleAuthentication
===================
First, install the plugin:
script/plugin install http://svn.ariejan.net/plugins/super_simple_authentication
When the plugin is installed, you may generate your SSA controller. This controller verifies your password and makes sure you stay authenticated for the duration of your visit.
script/generate super_simple_authentication sessions
Your password is located in config/super_simple_authentication.yml. Change it.
In the SessionsController, you’ll find an include statement. Move this include to your application controller.
The generator automatically added routes to your config/routes.rb file. If you want easy access to login and logout functionality, add these two lines to your config/routes.rb file as well:
map.login  '/login',  :controller => 'sessions', :action => 'new'
    map.logout '/logout', :controller => 'sessions', :action => 'destroy', :method => :delete
You can now protect you actions and controllers with a before_filter:
# Protect all actions in the controller
    before_filter :authorization_required

    # Protect all actions, except :index and :recent
    before_filter :authorization_required, :except => [:index, :recent]

    # Protect only :destroy
    before_filter :authorization_required, :only => :destroy
In your views, you can check if you are authorized or not with authorized? E.g.
<% if authorized? %>
        # ... do secret admin stuff
    <% end %>
Posted by at 3:01 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)