search for: signin_form

...hexdigest(password + user.password_salt) != user.password_hash raise "user or password wrong" end user end end #controller--------------------------------------------- class AdminController < ApplicationController before_filter :check_authentication, :except => [:signin_form, :signin] def index render "admin" end def check_authentication unless session[:user] session[:intended_action] = action_name redirect_to :action => "signin_form" end end def signin_form render "login_form" end def signin session[:user] = User.authe...

Hello all, Thank you in advance for your help with this. I am trying to implement the user authentication method from Ruby Recipes which calls for the use of SHA 2. Here is the code for the password: def password=(pass) salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp self.password_salt, self.password_hash = salt, Digest::SHA256.hexdigest(pass + salt) end I open

i got the rails recipes book, i have now an auth system for users without problems, now i want to made a role based acces for my app, im following the "Role Based Authorization" recipe of the book but i cant make it to work even when the tables created and correctly added data manually definig the roles and rights. als i dont know how to define a right for use all the actions in a

...ut I wish to use these methods in several controllers. Then I pasted them in ApplicationController, using before_filter method in all the other needed controllers. The problem is that Rails always tries to render a missing template inside the current controller ( app/views/controllers/admin/article/signin_form.rhtml ) while I''ve uploaded it in app/views/application/siginin_form.rhtml ). Is there an issue ? Thanks for your help.

...ation] before_filter :register_member_activity, :except => [:check_authentication] def check_authentication unless session[:member_id] session[:intended_uri] = @request.request_uri redirect_to :controller => ''login'', :action => "signin_form" end end etc.............. Obviously, now all my controllers and methods have to pass through this authentication method. For accessing RSS this doesn''t work too well. Does anyone have any ideas how to allow global access, and no filtering to one method in a different...