ActiveStorage Authentication

In the current documentation, we have an approach for Authenticated Controllers. This requires you to essentially duplicate all of the ActiveStorage controllers so you can include your application specific modules.

Would it be better to instead have the ActiveStorage::BaseController inherit from an interim controller like ApplicationStorageController where modules could be included to provide authentication and other types of behavior?

So rather than this:

# app/controllers/logos_controller.rb
class LogosController < ApplicationController
  # Through ApplicationController:
  # include Authenticate, SetCurrentAccount

  def show
    redirect_to Current.account.logo.url
  end
end

You could instead do this:

# app/controllers/application_storage_controller.rb
class ApplicationStorageController < ApplicationController
  include Authenticate, SetCurrentAccount
end

Or maybe there is another way we could provide developers a way to mix in their modules into the existing ActiveStorage controllers?

1 Like

There was a PR to create a BaseController:

In the comments of that PR George Claghorn mentions how they fix this in Hey.