all:
prob a stupid question.. new to ruby/rails.
I have a working ruby on rails app on my server. However, i don''t
provide authentication service. (login etc).. In my workplace, there
is a centrally authenticated URL- if ppl go there first, they can get
authenticated. i thought i will put my html start page in this
centrally authenticated place(with a form and hidden param and
redirect to my ruby on rails server).
I however, want to prevent ppl directly using http://myServer/app/main
So,
in my main method, i do this
def controller_main
@user = @params[''user'']
if (@user == nil)
redirect_to "http://goway.com" # basically send them to some no
accesspl
end
end
This looked good.. but the problem is: i have other methods like list
def list
# This lists all my data
#here my check for @user always returns nil. Why?
end
Only main method gets access to the html hidden param ''user''.
i dont
know why storing it in @user does not work (i thought its instance
variable).
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
madmax wrote:> all: > prob a stupid question.. new to ruby/rails. > > I however, want to prevent ppl directly using http://myServer/app/main > > So, > in my main method, i do this > def controller_main > @user = @params[''user''] > if (@user == nil) > redirect_to "http://goway.com" # basically send them to some no > accesspl > end > end > > This looked good.. but the problem is: i have other methods like list > def list > # This lists all my data > #here my check for @user always returns nil. Why? > endYou need a before_filter in you application.rb to ensure that this @user object gets created on every request. Instance variables in the controller only exist for the length of one request, and then die. #application.rb class ApplicationController < ActionController::Base before_filter :authenticate def authenticate @user = @params[''user''] redirect_to login_url unless @user end end -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Thanks for your reply. It still does not work for me.
It only works on access to my main page (since the html redirect is
passing a hidden param).
in the login server, my html page content is like this
-------
<form name="form" action="http://myServer/app/main"
method="post">
<input type="hidden" name="user"
value="goodguy">
<p style="text-align: center;">
<input type="submit" value="Goto Library">
---------------------
once my main page is loaded - http://myServer/app/main , in that
main.rhtml, i have link defined like below.
<%= link_to "(Show all Books)",
:controller => "app",
:action => "list" %>
now, clicking on link, redirects me to login page (even though i did
come from that)..
so the authenticate method stores the @user =
@params[''user''].. but it
also seems to lose it
> You need a before_filter in you application.rb to ensure that this @user
> object gets created on every request. Instance variables in the
> controller only exist for the length of one request, and then die.
>
> #application.rb
> class ApplicationController < ActionController::Base
> before_filter :authenticate
> def authenticate
> @user = @params[''user'']
> redirect_to login_url unless @user
> end
> end
>
> --
> Posted viahttp://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
the way i solved is using session[:user] = @params[''user''] and in other methods i just use the value of session[:user] On 2/21/07, madmax <iammadhu-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > > Thanks for your reply. It still does not work for me. > It only works on access to my main page (since the html redirect is > passing a hidden param). > in the login server, my html page content is like this > ------- > <form name="form" action="http://myServer/app/main" method="post"> > <input type="hidden" name="user" value="goodguy"> > <p style="text-align: center;"> > <input type="submit" value="Goto Library"> > --------------------- > > once my main page is loaded - http://myServer/app/main , in that > main.rhtml, i have link defined like below. > <%= link_to "(Show all Books)", > :controller => "app", > :action => "list" %> > > now, clicking on link, redirects me to login page (even though i did > come from that).. > so the authenticate method stores the @user = @params[''user''].. but it > also seems to lose it > > > > > > You need a before_filter in you application.rb to ensure that this @user > > object gets created on every request. Instance variables in the > > controller only exist for the length of one request, and then die. > > > > #application.rb > > class ApplicationController < ActionController::Base > > before_filter :authenticate > > def authenticate > > @user = @params[''user''] > > redirect_to login_url unless @user > > end > > end > > > > -- > > Posted viahttp://www.ruby-forum.com/. > > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---