I did my own auth like on my old php site, I use sessions for that and md5 hash for pass. My session after auth look like that: {"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1} All other things are done, but Now how I can to restrict the access for different actions in my controller depending on my session ? Or can I fix this with devise and cancan gems? They are using bcrypt, but my old passwords in md5 and i cant use for that bcrypt. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Generally, you what you''ve done is authentication, and what are you seeking is authorization. You can either implement it yourself or use a gem like CanCan (Devise is no option here, because it handles the part you''ve already done — the authentication part.) Using CanCan seems like the easiest option, it does not dictate how your authentication should be handled so it''s really easy to adopt it. -- Cheers, Gosha Arinich On Wednesday, February 20, 2013 at 8:17 PM, Aydarnv wrote:> > I did my own auth like on my old php site, I use sessions for that and md5 hash for pass. My session after auth look like that: > > {"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1} > > All other things are done, but Now how I can to restrict the access for different actions in my controller depending on my session ? > > > Or can I fix this with devise and cancan gems? They are using bcrypt, but my old passwords in md5 and i cant use for that bcrypt. > > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. > To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com (mailto:rubyonrails-core+unsubscribe@googlegroups.com). > To post to this group, send email to rubyonrails-core@googlegroups.com (mailto:rubyonrails-core@googlegroups.com). > Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Please consider rubyonrails-talk mailing list for such questions, that are better suited for that list. Good luck, Rodrigo. Em 20-02-2013 14:17, Aydarnv escreveu:> > I did my own auth like on my old php site, I use sessions for that and > md5 hash for pass. My session after auth look like that: > > |{"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1}| > > All other things are done, but Now how I can to restrict the access > for different actions in my controller depending on my session ? > > Or can I fix this with devise and cancan gems? They are using bcrypt, > but my old passwords in md5 and i cant use for that bcrypt. >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Hello, This list is reserved for discussion regarding core Rails, not application discussion. Please take your question to the rubyonrails-talk mailing list. Thanks! On 21/02/2013, at 4:17, Aydarnv <nostsaber@gmail.com> wrote:> I did my own auth like on my old php site, I use sessions for that and md5 hash for pass. My session after auth look like that: > > {"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1} > All other things are done, but Now how I can to restrict the access for different actions in my controller depending on my session ? > > Or can I fix this with devise and cancan gems? They are using bcrypt, but my old passwords in md5 and i cant use for that bcrypt. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. > To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. > To post to this group, send email to rubyonrails-core@googlegroups.com. > Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Oops, Rodrigo beat me to it. Thanks Rodrigo! On 21/02/2013, at 8:18, Rodrigo Rosenfeld Rosas <rr.rosas@gmail.com> wrote:> Please consider rubyonrails-talk mailing list for such questions, that are better suited for that list. > > Good luck, > Rodrigo. > > Em 20-02-2013 14:17, Aydarnv escreveu: >> >> I did my own auth like on my old php site, I use sessions for that and md5 hash for pass. My session after auth look like that: >> >> {"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1} >> All other things are done, but Now how I can to restrict the access for different actions in my controller depending on my session ? >> >> Or can I fix this with devise and cancan gems? They are using bcrypt, but my old passwords in md5 and i cant use for that bcrypt. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. > To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. > To post to this group, send email to rubyonrails-core@googlegroups.com. > Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
It happens, no problem :) Em 20-02-2013 18:24, Ryan Bigg escreveu:> Oops, Rodrigo beat me to it. > > Thanks Rodrigo! > > > On 21/02/2013, at 8:18, Rodrigo Rosenfeld Rosas <rr.rosas@gmail.com > <mailto:rr.rosas@gmail.com>> wrote: > >> Please consider rubyonrails-talk mailing list for such questions, >> that are better suited for that list. >> >> Good luck, >> Rodrigo. >> >> Em 20-02-2013 14:17, Aydarnv escreveu: >>> >>> I did my own auth like on my old php site, I use sessions for that >>> and md5 hash for pass. My session after auth look like that: >>> >>> |{"session_id"=>"874e2703dbaa562da8350fe141612cb6", "_csrf_token"=>"o3g5VHz7f6BPCwpaphI/7qnBnaDVBcguKVB4lXqvUss=", "user_id"=>2, "login"=>"123", "avatar"=>/uploads/resume/avatar/2/avatars/noava.jpg, "group_id"=>1}| >>> >>> All other things are done, but Now how I can to restrict the access >>> for different actions in my controller depending on my session ? >>> >>> Or can I fix this with devise and cancan gems? They are using >>> bcrypt, but my old passwords in md5 and i cant use for that bcrypt. >>> >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Ruby on Rails: Core" group. >> To unsubscribe from this group and stop receiving emails from it, >> send an email to rubyonrails-core+unsubscribe@googlegroups.com >> <mailto:rubyonrails-core+unsubscribe@googlegroups.com>. >> To post to this group, send email to >> rubyonrails-core@googlegroups.com >> <mailto:rubyonrails-core@googlegroups.com>. >> Visit this group at >> http://groups.google.com/group/rubyonrails-core?hl=en. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> > -- > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Core" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to rubyonrails-core+unsubscribe@googlegroups.com. > To post to this group, send email to rubyonrails-core@googlegroups.com. > Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscribe@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at http://groups.google.com/group/rubyonrails-core?hl=en. For more options, visit https://groups.google.com/groups/opt_out.