64 lines
2.6 KiB
Markdown
64 lines
2.6 KiB
Markdown
+++
|
|
date = "2007-08-24"
|
|
title = "Super Simple Authentication Plugin and Generator"
|
|
tags = ["General", "RubyOnRails", "Features"]
|
|
slug = "super-simple-authentication-plugin-and-generator"
|
|
description = "Authentication made easy"
|
|
+++
|
|
|
|
I hereby proudly announce my <em>Super Simple Authentication</em> plugin and generator.
|
|
|
|
All right, what does it do? Sometimes you need to protect your actions and controllers, but you don't want to go about installing restful_authentication or anything like that. Adding a simple password for certain actions would suffice. So, I wrote a little plugin that can generate some code for you that allows you to easily protect your app with a simple password.
|
|
|
|
To get started, you must first install the plugin in your rails application:
|
|
|
|
``` shell
|
|
script/plugin install http://svn.ariejan.net/plugins/super_simple_authentication
|
|
```
|
|
|
|
When the plugin is installed, you may generate your SSA controller. This controller verifies your password and makes sure you stay authenticated for the duration of your visit.
|
|
``` shell
|
|
script/generate super_simple_authentication sessions
|
|
```
|
|
|
|
Your password is located in config/super_simple_authentication.yml. Change it.
|
|
|
|
In the SessionsController, you'll find an include statement. Move this include to your application controller:
|
|
|
|
``` ruby
|
|
include SuperSimpleAuthenticationSystem
|
|
```
|
|
|
|
The generator automatically added routes to your config/routes.rb file. If you want easy access to login and logout functionality, add these two lines to your config/routes.rb file as well:
|
|
|
|
``` ruby
|
|
map.login '/login', :controller => 'sessions', :action => 'new'
|
|
map.logout '/logout', :controller => 'sessions', :action => 'destroy', :method => :delete
|
|
```
|
|
|
|
You can now protect you actions and controllers with a before_filter:
|
|
|
|
``` ruby
|
|
# Protect all actions in the controller
|
|
before_filter :authorization_required
|
|
|
|
# Protect all actions, except :index and :recent
|
|
before_filter :authorization_required, :except => [:index, :recent]
|
|
|
|
# Protect only :destroy
|
|
before_filter :authorization_required, :only => :destroy
|
|
```
|
|
|
|
In your views, you can check if you are authorized or not with authorized? E.g.
|
|
|
|
``` erb
|
|
<% if authorized? %>
|
|
<!-- do secret admin stuff -->
|
|
<% end %>
|
|
```
|
|
|
|
Please visit <a href="http://trac.ariejan.net">http://trac.ariejan.net</a> to report bugs. Ariejan.net will keep you updated on new major version. <a href="http://feeds.feedburner.com/Ariejan">Please subscribe to the RSS Feed</a>.
|
|
|
|
I hope you enjoy this plugin. Please post a comment if you use it in your project, or if you just like it. Bugs, feature requests and support requests should go into <a href="http://trac.ariejan.net/newticket">Trac</a>
|
|
|