before_filter

authorize メソッドを login をのぞくすべてのアクションの前にフックして実行

depot/app/controllers/application.rb

@@ -1,7 +1,9 @@
+# -*- coding: utf-8 -*-
 # Filters added to this controller apply to all controllers in the application.
 # Likewise, all the methods added will be available for all controllers.
 
 class ApplicationController < ActionController::Base
+    before_filter :authorize, :except => :login
   helper :all # include all helpers, all the time
 
   # See ActionController::RequestForgeryProtection for details
@@ -12,4 +14,12 @@ class ApplicationController < ActionController::Base
   # Uncomment this to filter the contents of submitted sensitive data parameters
   # from your application log (in this case, all fields with names like "password").
   # filter_parameter_logging :password
+
+    protected
+    def authorize
+        unless User.find_by_id(:session[:user_id])
+            flash[:notice] = "ログインしてください"
+            redirect_to :controller => 'admin', :action => 'login'
+        end
+    end
 end