ariejan/devroom.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1dd59a7ce1
devroom.io/content/posts/2007-08-24-super-simple-authentication-plugin-and-generator.md
Ariejan de Vroom f272bab7bc 2019 Redesign
2019-06-05 14:32:16 +02:00

64 lines
2.6 KiB
Markdown
Raw Blame History

+++
date = "2007-08-24"
title = "Super Simple Authentication Plugin and Generator"
tags = ["General", "RubyOnRails", "Features"]
slug = "super-simple-authentication-plugin-and-generator"
description = "Authentication made easy"
+++
I hereby proudly announce my <em>Super Simple Authentication</em> plugin and generator.
All right, what does it do? Sometimes you need to protect your actions and controllers, but you don't want to go about installing restful_authentication or anything like that. Adding a simple password for certain actions would suffice. So, I wrote a little plugin that can generate some code for you that allows you to easily protect your app with a simple password.
To get started, you must first install the plugin in your rails application:
``` shell
script/plugin install http://svn.ariejan.net/plugins/super_simple_authentication
```
When the plugin is installed, you may generate your SSA controller. This controller verifies your password and makes sure you stay authenticated for the duration of your visit.
``` shell
script/generate super_simple_authentication sessions
```
Your password is located in config/super_simple_authentication.yml. Change it.
In the SessionsController, you'll find an include statement. Move this include to your application controller:
``` ruby
include SuperSimpleAuthenticationSystem
```
The generator automatically added routes to your config/routes.rb file. If you want easy access to login and logout functionality, add these two lines to your config/routes.rb file as well:
``` ruby
map.login '/login', :controller => 'sessions', :action => 'new'
map.logout '/logout', :controller => 'sessions', :action => 'destroy', :method => :delete
```
You can now protect you actions and controllers with a before_filter:
``` ruby
# Protect all actions in the controller
before_filter :authorization_required
# Protect all actions, except :index and :recent
before_filter :authorization_required, :except => [:index, :recent]
# Protect only :destroy
before_filter :authorization_required, :only => :destroy
```
In your views, you can check if you are authorized or not with authorized? E.g.
``` erb
<% if authorized? %>
<!-- do secret admin stuff -->
<% end %>
```
Please visit <a href="http://trac.ariejan.net">http://trac.ariejan.net</a> to report bugs. Ariejan.net will keep you updated on new major version. <a href="http://feeds.feedburner.com/Ariejan">Please subscribe to the RSS Feed</a>.
I hope you enjoy this plugin. Please post a comment if you use it in your project, or if you just like it. Bugs, feature requests and support requests should go into <a href="http://trac.ariejan.net/newticket">Trac</a>
Reference in New Issue View Git Blame Copy Permalink