There are deferent types for http authentication, the simplest one is Basic Access Authentication. It depends on encoding the user name and password using Base64 encoding and put it in the http authorization header.
Rails helps you in using http basic authentication, or as they say in its documentation "Makes it dead easy to do HTTP Basic authentication". All you need to do is very simple:
- Create a separated module, may be called "Authentication"
module Authentication
end - Create a method inside the module that will do your authentication
def authenticate
authenticate_or_request_with_http_basic do |username, password|
end
end
Note that I put a call to authenticate_or_request_with_http_basic method in ActionController::HttpAuthentication::Basic Module that will provide you with the sent user name and password after decoding them using Base64 decoder. - Now, you need to call the authentication method before every call to your controllers. That will done by putting a "before_filter" call in your ApplicationController class:
class ApplicationController < ActionController::Base
include Authentication
before_filter :authenticate
.....
end - If you need to skip some controllers from authentication chain, put in this controller a call to skip_before_filter:
skip_before_filter :authenticate - The last step is filling your authentication method with the code that will do the authentication check using the given user name and password.
No comments:
Post a Comment