I have several questions and i need clear understanding on how i should
approach them, my target is for creating something called "fakebook",
facebooks copy but not going live at all (uni project).
Security Question
This is the code that helps me protect my "user/index"..
private
def protect
unless session[:user_id]
flash[:notice] = "Please Login to view this page, or Register if
you do not have an account!"
redirect_to :action => :login
return false
end
end
It works perfectly, as it checks for the session ID and when it finds
the user is logged in, he can view the user/index (another code is
placed on top with this).
Otherwise, they cannot view it and it takes them to the login page and a
flash message is displayed.
When the user is logged in, i want it to redirect the "user/register"
and "user/login" to the "user/index", and if they are NOT
logged in,
they can view them. I have done this with the IF command in my menu but
physically they can type the address aka user/register or user/login and
view them again.
How can i redirect this?
thank you for your help!
-Guru
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
On Sun, Mar 21, 2010 at 12:25 PM, Jagmit Gabba <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> I have several questions and i need clear understanding on how i should > approach them, my target is for creating something called "fakebook", > facebooks copy but not going live at all (uni project). > > Security Question > This is the code that helps me protect my "user/index".. > > private > def protect > unless session[:user_id] > flash[:notice] = "Please Login to view this page, or Register if > you do not have an account!" > redirect_to :action => :login > return false > end > end > > It works perfectly, as it checks for the session ID and when it finds > the user is logged in, he can view the user/index (another code is > placed on top with this). > Otherwise, they cannot view it and it takes them to the login page and a > flash message is displayed. > > When the user is logged in, i want it to redirect the "user/register" > and "user/login" to the "user/index", and if they are NOT logged in, > they can view them. I have done this with the IF command in my menu but > physically they can type the address aka user/register or user/login and > view them again. > > How can i redirect this? > > thank you for your help! >I''d strongly suggest you to take a look at Authlogic[1] gem. Even when this is a very simple/personal project, and implement this gem might look too much overhead for you, you''ll get very interesting concepts for authentication. [1]http://github.com/binarylogic/authlogic Hope it helps. -- Leonardo Mateo. There''s no place like ~ -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Leonardo Mateo wrote:> On Sun, Mar 21, 2010 at 12:25 PM, Jagmit Gabba <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> > wrote: >> � � �flash[:notice] = "Please Login to view this page, or Register if >> flash message is displayed. >> > I''d strongly suggest you to take a look at Authlogic[1] gem. Even when > this is a very simple/personal project, and implement this gem might > look too much overhead for you, you''ll get very interesting concepts > for authentication. > > [1]http://github.com/binarylogic/authlogic > > Hope it helps. > > > -- > Leonardo Mateo. > There''s no place like ~Thank you for your reply, i am a very basic student and i need to take it one bit a time. This was small homework set, ill have to take it small steps before i can leap. Would love a simple answer so i can understand it. Thanks once again, Jagmit Gabba -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On 21 March 2010 15:25, Jagmit Gabba <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> I have several questions and i need clear understanding on how i should > approach them, my target is for creating something called "fakebook", > facebooks copy but not going live at all (uni project). > > Security Question > This is the code that helps me protect my "user/index".. > > private > def protect > unless session[:user_id] > flash[:notice] = "Please Login to view this page, or Register if > you do not have an account!" > redirect_to :action => :login > return false > end > end > > It works perfectly, as it checks for the session ID and when it finds > the user is logged in, he can view the user/index (another code is > placed on top with this). > Otherwise, they cannot view it and it takes them to the login page and a > flash message is displayed. > > When the user is logged in, i want it to redirect the "user/register" > and "user/login" to the "user/index", and if they are NOT logged in, > they can view them. I have done this with the IF command in my menu but > physically they can type the address aka user/register or user/login and > view them again.You have already shown us how you redirect from index to login if the user is not logged in. You are asking how to redirect from register and login if not logged in. Just use basically the same technique but the test will be the the other way round (''if'' instead of ''unless''). Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Colin Law wrote:> On 21 March 2010 15:25, Jagmit Gabba <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: >> � � �flash[:notice] = "Please Login to view this page, or Register if >> flash message is displayed. >> >> When the user is logged in, i want it to redirect the "user/register" >> and "user/login" to the "user/index", and if they are NOT logged in, >> they can view them. I have done this with the IF command in my menu but >> physically they can type the address aka user/register or user/login and >> view them again. > > You have already shown us how you redirect from index to login if the > user is not logged in. You are asking how to redirect from register > and login if not logged in. Just use basically the same technique but > the test will be the the other way round (''if'' instead of ''unless''). > > ColinThank you very much Colin, Simple code: if session[:user_id] flash[:notice] = "Already registed and logged in! You cannot view the register or login!" redirect_to :action => :index end end Thank you for making me understand :D -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.