similar to: Rails Recipes Book: Authentication

sorry, because it seems that I need more explanation on this Rails Recipes authorization - I finally got the code working but after using the login I get this back from Rails- Routing Error No url can be generated for the hash {} I''m guessing it''s coming from the redirect- def login if request.post? session[:user] = User.authenticate(params[:first_name],

Im still following the authorization recipe from the book, now all works fine but im getting trouble in how handle the model authorization result, if the user and pass are correct, it goes to a welcome screen(admin.rhtml) but if wrong the model prints a message in an ugly exception like page "usr and pass not correct", i want to redirect the user to the login

Folks, My understanding of how filters work is that I should return true if everything is ok and false if not. How does the filter below work then (from the Rails Recipies book)? It would return nil if there''s a user in the session. Does nil count as true? before_filter :check_authentication def check_authentication unless session[:user] session[:intended_action] =

i got the rails recipes book, i have now an auth system for users without problems, now i want to made a role based acces for my app, im following the "Role Based Authorization" recipe of the book but i cant make it to work even when the tables created and correctly added data manually definig the roles and rights. als i dont know how to define a right for use all the actions in a

Didn''t think I''d be back so quick with another question but here goes: In this recipe for the signin or login (as I call it) there are these two lines if the user authenticates correctly: session[:user] = user.id redirect_to :action => session[:intended_action], :controller => session[:intended_controller] So I''m not seeing anything in the way of an explanation

I''m using Rails Recipes to create a login form but instead of username and password, my setup is firstname, lastname, password. I seemed to be gramatically challenged and not sure how to set up the parameter list. Can anyone offer up a suggestion. The book shows the method starting like: if request.post? user = User.find(:first, :conditions => [''username = ?'' ,

I have a few pages where a user may do something (add tags, login, etc) and I would like to redirect them back to the last page they were at before calling that action. Is there an easy way to do this? -- Posted via http://www.ruby-forum.com/.

I am building an application that requires a C++ program to access the Rails web application using POST. Now, I just added user authentication to the mix and it has made things more interesting. I''m using basic authentication as shown in the AWDWR and Rails Recipes books. I can now get my C++ program to submit the user credentials to the login/login page. All I want the login page

Hi All I wanted a little advice on the convention for namespace usage and organisation of code. I originally used PHP and often had an "admin" backend that performed the various admin tasks with users, and data Then I had a front-end often situated at the root that had user services. I''m trying to emulate this in Rails but feel I''m missing a significant point here and

Hi! I want to add a function with a static paramter ("2" in the example) to a filter, but somehow Rails seems to be looking for another syntax. before_filter :check_quantity(2), :only => [:show] doesn''t work. What''s the right way to do this? Thanks a lot! -- Posted via http://www.ruby-forum.com/.

Hi there, I''m having a bit of an issue with my before_filter. I know that the filters put in the application.rb controller are global for all the controllers. In my application filter I''d like to allow access to the RSS feed method in a ''member'' controller and skip the login checks that the before_filters are currently performing. In my application my filters

Thank you in advance for your help. I am relatively new to both Rails and Rspec and I am hoping for some insight from some experienced veterans. Right now I am using Rspec for code that has already been written so that additional functionality can be developed using the BDD method. My problem shows up when I try to spec controllers that are behind the login system. Each page checks for the

Hi, im building a little cms and i want to separate the admin zone controllers in a subfolder(controllers/admin) if possible to all be managed by one login module, i just have managed simple 3 or 4 controller apps so any help you can give me will be very apreciated. ;) -- Posted via http://www.ruby-forum.com/.

I have this page that you login in from. You get authenticated and then bumped over to the appropriate page depending on what your role is: Traveler, Travel Manager, Admin. All pieced work except for the role asssociated with Travel Managers who get tossed out, apprarently when they hit a before_filter to check authenication. However, it seams that they are properly getting authenticated and moved

I''ve got these two lines set up in my controller before_filter :check_authentication before_filter :check_max_hands, :only => [ :play ] Here''s the corresponding code for each def check_authentication unless session[:user] and authorize?(session[:user]) session[:intended_action] = request.request_uri redirect_to :controller => ''user'',

I have two before_filters for a few of my controllers. They are running my own methods authorize and admin_authorize. authorize is called on just about every action to make sure that a user is logged in. admin_authorize is called on about 80% of the actions and is used to make sure that a user is an administrator. If a user tries to access an admin_authorize protected action without being

Hi, I have four controllers: one for the store front and three for the store admin. In each controller I have copied and pasted exactly the same code. It is a method called redirect_to() to override Action Controller''s redirect_to(). Copy and paste is bad. I can think of two options but I don''t know how Rails will feel about them. Option 1: Can I create an intermediate

I''ve got a User model, which holds the following (excerpt): def try_to_authenticate User.authenticate(self.username, self.password) end .. private def self.hash_password(password) Digest::SHA1.hexdigest(password) end def self.authenticate(username, password) @user = User.find(:all, :conditions => ["username = ? AND password = ?",

I''ve successfully gotten acts_as_authenticated working. Currently the before_filter line for my admin screen is like this: class AdminController < ApplicationController include AuthenticatedSystem before_filter :login_required Only issue I have now is that anyone logged in can access that screen. I''d like to differentiate between a regular user and

Hi, Suppose I have a resource such as http://localhost:3000/topsecret/data that requires the user to login first. What I did was make use of before_filter to check and see if the session variable is set with the logged in user''s id (similar to the example in "Agile Web Development with Rails"). However while the filtering function does work correctly in redirecting the