I am using Devise to authenticate users in my rails app. I have couple of resources that I want only accessible to authenticated users. If unauthenticated users try to access such resources, I would like them to return to the sign in page.
I was wondering what would the best way of doing this. I was thinking:
I could add a check in application_controller.rb - however, if I add this check, it may also apply to the sign in page, and hence we get into a loop. (enter sign in page -> user not logged in -> redirect to sign in page ...)
Add an attribute on top of every controller method, eg. @authenticated.
Did you read about the authenticate_user!
filter? You can find the docs at github (Search for "Controller filters and helpers").
Add this as in the relevant controllers. You can restrict it to certain actions by providing :only => [ :show ]
or :except => [ :index ]
as further parameters to it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.