Getting Started with Rails guide: authentication question

Hello,

I beleive there might be a conceptual error in the Security chapter (Getting Started with Rails — Ruby on Rails Guides)

The code explains you have to add the following line in the PostController: http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index

However, I beleive the readers of that blog also want to access the PostControllers' show action. How would the otherwise be able to add comments to the blog.

This is where I'm stumped. I can't find out how to add two exceptions to the authentication options. Can anyone help me with this?

Untested, but should work:

http_basic_authenticate_with :name => "dhh", :password => "secret", :except => [:index,:show]

Ray

Facepalm => doh!

Thank you. An array of course. I still think the tutorial should be modified to reflect this, no?

Done.

Actually when I looked at it, it was worse than you represented. The text just above this said,

"To use the authentication system, we specify it at the top of our

+PostsController+, in this case, we want the user to be authenticated on every

action, except for +index+ and +show+, so we write that:"

So clearly the example should be

http_basic_authenticate_with :name => “dhh”, :password => “secret”, :except => [:index, :show]

Ray

Hello, I'm not sure how long these changes take to go into effect, and if it's in the process I certainly don't mean to nag about it, however I wanted to put in that the guide still shows the incorrect code sample. Thanks for the information on how it's supposed to be, though!

-Brian