I feel kind of "slow" asking this post - but I can't get my head
wrapped around the connection between the authentication of a user and
the usage of the current_user values in other controllers.
If I had a controller "my_stuff" and I wanted two methods to require
login, via restful, how can I go about doing that? Once I've required
login, how can I go about accessing the session information, like
userid and such?
I've tried, in the controller doing something like
@user = current_user
@user = session.current_user
or even something similar to @user = User.find_by_id(session.user_id)
Just can't get over / through "that" hurdle... once I do that, I'll be
happy with an auth tie-in to my app.
I come from a Perl world, and I know I recently mentioned that RoR is
the best thing since sliced bread (read: mod_perl) - I'm not fully
able to get past authentication, etc.
After installing, examine the file RAILS_ROOT/lib/
authenticated_system.rb, and you'll see exactly how the current_user
method works. The short answer to your question is that you don't
need to do anything like "@user = User.find_by_id(session.user_id)."
RestfulAuth also provides a method called 'login_required' which you
can use to require login for any controller method.
At the top of your controller,
before_filer :login_required, :except => :show
will require login on all methods except for show.
In the case of restful_authentication (and others like it), you add
the functionality into ApplicationController by including
AuthenticatedSystem. Typically your other controllers extend
ApplicationController so they inherit the functionality.