I would suggest taking a look at Ryan Bates screencast about restful authentication (http://railscasts.com/episodes/67), write a simple application or two using restful authentication, and then walk through the code to see how it all works. IIRC, it has support for doing just what you asked.
--wpd On Fri, Jan 9, 2009 at 5:23 PM, Jables <brun3...@uidaho.edu> wrote: > > Hey, > I need some advice on something. I have a fairly large and complex > website (uberpwner.com) and all authentication I do is done by before > filters. Basically before_filter :login_required. > login_required does basic authentication and then redirects to the > root_path. Here is the essentials from the login system code (which > is mostly taken from the beast forum): > > def login_required > login_by_token unless logged_in? > login_by_basic_auth unless logged_in? > respond_to do |format| > format.html { redirect_to login_path } > format.js { render(:update) { |p| p.redirect_to > login_path } } > format.xml do > headers["WWW-Authenticate"] = %(Basic realm="Beast") > render :text => "HTTP Basic: Access denied.\n", :status > => :unauthorized > end > end unless logged_in? && authorized? > end > > def login_by_token > self.current_user = User.find_by_id_and_login_key(*cookies > [:login_token].split(";")) if cookies[:login_token] and not logged_in? > end > > @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION > Authorization) > def login_by_basic_auth > auth_key = @@http_auth_headers.detect { |h| request.env.has_key? > (h) } > auth_data = request.env[auth_key].to_s.split unless > auth_key.blank? > self.current_user = User.authenticate *Base64.decode64(auth_data > [1]).split(':')[0..1] if auth_data && auth_data[0] == 'Basic' > end > > Now here is what I want: when a user clicks a page that requires > authentication they should be redirected to the login page, then on > successful login to the page they are going to. If they are trying to > submit something to the site they should be redirected to login, then > their submission should go through on successful login. > > Any advice on how to achieve this would be very appreciated! > JB > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---