Actions grouped in controller
- Action as method instead of object, shared helper methods
Rendering
- Assigns
- Status codes
Redirection
- Url, Path, Action, Controller
- Attribute-based, save/create/update
Filters
FrontpageController
before_filter :cache
after_filter :compress
WebserviceController
before_filter :token_auth
AdministrationController
before_filter :ensure_login, :audit
SecretController < AdministrationController
prepend_before_filter :encrypt
- Processing chain, separation of concerns, shared stacks
- Before
- Authentication
- Caching
- Auditing
- Loading & Assigns
- After
- Output compression
This is the code example in the PDF:
class LoginController < AbstractApplicationController
# Shows login and any alerts, such as "Invalid login"
def index
if @account.active? then render else render "login/inactive_account" end
end
# Authenticates that a person responding to the user_name/password combo is allowed
# to login to the extranet belonging to the current firm. If that person comes from
# the client, he's redirected to that clients project overview (or straight to the
# project if only one exists). If that person comes from the firm, he's redirected
# to the firm's overview of clients and projects (also known as the dashboard).
def authenticate
if person = Person.authenticate(@params["user_name"], @params["password"], @firm.id)
@session["person"] = person
person.last_login = Time.now.gmtime
person.save
if person.kind_of?(\ClientEmployee)
client_login(Client.find(person.client_id))
else
firm_login
end
else
self.alert = "The username and/or password you entered is invalid."
redirect_action "index"
end
end
# Shows just the user name box
def forgot_password
end
Actions grouped in controller
- Action as method instead of object, shared helper methods
Rendering
- Assigns
- Status codes
Redirection
- Url, Path, Action, Controller
- Attribute-based, save/create/update
Filters
FrontpageController
before_filter :cache
after_filter :compress
WebserviceController
before_filter :token_auth
AdministrationController
before_filter :ensure_login, :audit
SecretController < AdministrationController
prepend_before_filter :encrypt
- Processing chain, separation of concerns, shared stacks
- Before
- Authentication
- Caching
- Auditing
- Loading & Assigns
- After
- Output compression
This is the code example in the PDF:
class LoginController < AbstractApplicationController
# Shows login and any alerts, such as "Invalid login"
def index
if @account.active? then render else render "login/inactive_account" end
end
# Authenticates that a person responding to the user_name/password combo is allowed
# to login to the extranet belonging to the current firm. If that person comes from
# the client, he's redirected to that clients project overview (or straight to the
# project if only one exists). If that person comes from the firm, he's redirected
# to the firm's overview of clients and projects (also known as the dashboard).
def authenticate
if person = Person.authenticate(@params["user_name"], @params["password"], @firm.id)
@session["person"] = person
person.last_login = Time.now.gmtime
person.save
if person.kind_of?(\ClientEmployee)
client_login(Client.find(person.client_id))
else
firm_login
end
else
self.alert = "The username and/or password you entered is invalid."
redirect_action "index"
end
end
# Shows just the user name box
def forgot_password
end