railstutorial.org has a suggestion which strikes me as a little odd.
Here:
http://ruby.railstutorial.org/chapters/sign-in-sign-out#code:sessions_helper_include
... it suggests this code:
class ApplicationController < ActionController::Base
protect_from_forgery
include SessionsHelper
end
...making SessionsHelper available essentially everywhere. I
understand that authentication/authorization is cross-cutting, but is
this really the best place? Would functionality not strictly needed in
views be better placed in ApplicationController or elsewhere?
Thoughts?
Thanks,
-Craig
The above code *does* put it in ApplicationController. Perhaps I
misunderstand your question.
Colin
The SessionsHelper option makes the methods available from ApplicationController, yes, but it makes them available in any view, as well. That seems to me to be potentially too broad of a scope. Also, putting code which implements, say, a before_filter which conditionally redirects (as the railstutorial.org example does) in a module which more commonly contains view helpers seems surprising.
I'm not sure if my concerns are well-founded or if I'm "thinking too much" about this.
-Craig