authentication with mercury-rails
Question
How do you add authentication checks on the /editor/.* routes in Mercury via the mercury-rails gem?
I mean, I know you can:
- hide the link to the editor when not authenticated.
- refuse updates from the editor when not authenticated.
But I'd prefer the user be kicked out of the editor incase he/she has a bookmark to the editor and isn't logged in.
PS: Can someone create a mercury-editor tag for this? Otherwise searching for mercury-editor is neigh impossible.
2 answers
solution1
7 2011-11-10 21:01:24
A before_filter method is probably what you would want to use.
You could just add your own controller than inherits from the MercuryController and point the routes to your controller:
In config/routes.rb:
...
match '/editor(/*requested_uri)' => "my_mercury#edit", :as => :mercury_editor
Mercury::Engine.routes
...
And app/controllers/my_mercury_controller.rb
class MyMercuryController < MercuryController
before_filter :login_required
def login_required
...
end
end
solution2
3 ACCPTED 2012-04-06 18:27:43
Looks like now the mercury-rails installer will ask you if you want them to add some authentication code, and if you do it creates
lib/mercury/authentication.rb
module Mercury
module Authentication
def can_edit?
true # check here to see if the user is logged in/has access
end
end
end
Where you can run your check code in there. Maybe something like "if user_signed_in? && current_user.admin?"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.