Well the basic behind it is to add a before_filter to the controllers
you want authentication for.
You can also include only or exclude specific actions
class ApplicationController ...
before_filter :authenticated, :except [:list,:show]
OR
before_filter :authenticated :only [:create,:edit,:delete]
...
your normal actions
...
private
def authenticated
...check user permissions...
...return true or false ...
end
end
________________________
As i''m really new to Rails myself and just put the above stuff
together from the top of my head, its no real working code, just a
symbolic description, i hope you get the idea.
See the api docs for more info on before_filter
There are also plugins and Engines for authentication systems out
there, google for "Login Enine" or "Ative_rbac"
you can learn a great deal from their code.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---