I've googled around enough to see that this is a common issue, but haven't found a definitive answer on how to access a value from the params hash in a before_filter. I'm currently trying this:
before_filter :only => [:create, :update, :destroy] do |controller| controller.bounce_if_unauthorized params[:token] end
with the following in application_controller.rb:
protected def bounce_if_unauthorized token puts token redirect_to root_path, :alert => 'You are not authorized.' unless token == 'abcde' end
but the equality is never true. Meanwhile, the verify method mentioned at Action Controller Overview — Ruby on Rails Guides is no longer listed in the API, so that's probably not the way to go either.
How can I create a before_filter based on an element of the params hash?