I'm finding I'm increasingly creating sites in a similar form and I'd
like to clarify if I'm doing it in the most efficient manner for
security management and generally a railsey approach.
I make a welcome controller and associated actions e.g.
./script/generate controller welcome actionname1 actionname2 actionname3
I then populate the views for all the actions in the welcome controller
with suitable content.
That's it for the front end.
Then for my backend <cough>, I use acts_as_authenticated and generate an
account model and a user or two.
I then create various other controllers generally with scaffolding and
secure them with a before filter (filter all the actions unless the user
is logged in).
That's basically it,
In my welcome controller views I generally access variables created by
the backend functions (for example blog entries or whatever).
Is my approach an "ok" one. After deploying my 2nd rails site I want to
make sure I've got the right idea before going on.
I use migrations, but I'm not testing yet, that's my next goal.