The way I have done this in the past was:
application.rb
before_filter :requires_login
my_controller.rb
before_filter :requires_login, :except => [:login, :logout]
Worked ok for me... I''m not sure if it has a negative performance hit
or
not?
On 11 May 2006 06:22:14 -0000, steve ross
<devlists-rubyonrails@devlists.com>
wrote:>
> I have a simple login scheme in application.rb. Something like
> :requires_login is called in any controller as a before_filter. All is
> good, except I''m having trouble figuring out how to make the
public
> login actions skip this before filter. Here''s what I have:
>
> application.rb
>
> skip_before_filter :requires_login, :only => [:login, :logout,
> :confirm_valid_login]
>
>
> my_controller.rb
>
> before_filter :requires_login, :except => [:list, :show]
>
>
> I can''t successfully pass authentication and what I believe is
happening
> is that all the right things are happening up till the point of
> my_controller.rb, where the :except tells Rails to add all the actions
> from application.rb back into the filter chain. I know if I invert the
> logic in my_controller to an :only, the auth code in application.rb
> works fine.
>
> Q: At what point would the skip... in application.rb be called?
> Q: Is there a best practice for doing something like this (other than
> the obvious: use login_engine)?
> Q: Is there a good place to read about this?
>
> Thanks
> --
> Posted with http://DevLists.com. Sign up and save your mailbox.
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://wrath.rubyonrails.org/pipermail/rails/attachments/20060511/ac89de60/attachment.html