Check out before_filter. This allows you to call a method (or Proc) to determine whether the code should continue running.
# is ok? return true else return false
Also, check out the LoginEngine (http://api.rails-engines.org/login_engine/), a very comprehensive user authentication tool for Rails. Even if it’s too much for your app, it still has a lot of good ideas in it on how to do just this.