How can I protect static content in Rails 3?

Question

How can I protect static content in Rails 3?

I have an HTML user guide for my application. But I do not want those who are not logged in to have access to it. I use Devise authorization and CanCan authorization.

+4

ruby-on-rails ruby-on-rails-3

AKWF Jan 25 '11 at 19:17

source share

3 answers

I am not familiar with the authentication method you use, but as soon as you authenticate the user, you can save the logged_in flag in your session

session[:user]='logged_in'

than you can create an assistant

 def logged_in? session[:user] =='logged_in' end

Now you can use this helper in your views

 <% if logged_in? %> your html <% end %>

Now it is very simple, if you need something more specific, let us know

- Therefore, I just noticed that you want only registered users to be able to see the entire page.

then you should use function authentication as a filter in front of you in the controller

 before_filter :authenticate

0

ddayan Jan 25 '11 at 19:27

source share

Take a look at the High Voltage plugin.

This is a fairly simple controller designed to serve static content. Authentication by extending HighVoltage :: PagesController and authentication processing, as with any other controller (a minimal example is available on the linked page).

0

ropperman Jan 25 '11 at 19:34

source share

roman · Accepted Answer · 2011-01-25T19:23:00+0000

I would save it outside the shared folder and serve it through a simple controller that just performs authentication. Doing this with x-sendfile ( https://tn123.org/mod_xsendfile/ ) should minimize the additional load on the server. Here is an example: http://elivz.com/blog/single/mod_xsendfile/

How can I protect static content in Rails 3?

More articles: